Home / server / Questions / 13419
In Process
Laz
Asked: 2009-05-28 17:16:40 +0800 CST

What Are Some Good Open Source Alternatives to Active Directory?

  • 772

I'm looking for a good open-source alternative to active directory that can handle:

  • Authorization/Authentication
  • Group Policy
  • Replication and Trust Monitoring

In addition, are there any consolidated systems out there that handle these responsibilities?

Edit: Since a lot have asked for more details, I am trying to offer a service setting up an infrastructure for organizations, hardware/software setups, right now I am looking at a Linux stack, both desktops and servers, however a hybrid stack is possible, and I am investigating alternatives.

linux group-policy active-directory user-management open-source

13 Answers

  1. FreeIPA is one project that aims to replicate much of the functionality provided by Active Directory.

    www.freeipa.org

    • 6

  2. Samba can do some of the things that AD can, but I'm not sure I'd call it a full-blown alternative. Take a look at this Samba intro to see if it will suit your needs.

    • 4

  3. I use GoSa as my AD server :

    GOsa² provides a powerful GPL'ed framework for managing accounts and systems in LDAP databases. Using GOsa² allows system administrators to easily manage users and groups, fat and thin clients, applications, phones and faxes, mail distribution lists and many other parameters. In conjunction with FAI (Fully Automatic Installation), GOsa² allows the highly automated installation of preconfigured systems. GOsa² therefore provides a single, LDAP-based point of administration for large and small environments, thus making the administration of users and systems and all related parameters manageable and easy.

    More info on https://oss.gonicus.de/labs/gosa/

    • 3

  4. If you are taking about Windows systems, I dont think there is any framework which is complete. In the Unix world some projects try to cover most of it by use of LDAP, NIS, PAM, NFS/AFS-trees, and some provisioning tools.

    Look into Project Athena and Andrew for example.

    Some projects like OpenSSO are going to support some of the policy aspects, but optimized for applications.

    • 2

  5. There is no open-source alternative that is even close to the functionality of Active Directory, as of 2009 anyway.

    As MrDenny commented on your question - if you need all that, just use Active Directory, assuming you are supporting Windows clients.

    • 2

  6. I think you could have a look at open-source Apache Directory LDAP v3 compliant server http://directory.apache.org

    • 2

  7. As it was not mentioned yet, would 389 Directory Server be an alternative?

    • 1

  8. There is no open-source alternative that can do all that. Samba can do a useful subset. Why are you asking?

    • 0

  9. Samba 4, which is still beta, aims to be a strong alternative to AD.

    • 0

  10. If you're looking for something in the SOHO arena, then "SME Server" may do the trick.

    http://wiki.contribs.org

    I recently found it and have been playing with it on a test box. It seems pretty solid.

    It will take care of all the normal stuff; file/print sharing, web, email and NAT.

    It will also act as an old NT style PDC.

    A nice review can be found here http://www.theregister.co.uk/2010/11/17/review_sme_server/

    • 0