I know there isn't anything standard like Active Directory in the Linux world, but I'm assuming there's some way (or multiple ways) to implement a similar type of system. What options are out there? I've done some searching but so far I've just come up with stuff for integrating Linux into an Active Directory environment.
The primary need is single sign on and centralized account management. A Group Policy type setup would be useful too.
The reason I'm asking is because I'm doing research into what it would take to setup and maintain an all Linux environment for a new business. I'm trying to figure out the costs, downsides, and benefits of such an environment.
You can take a look into OpenLDAP, or another directory services solution, but I have yet to find an 'all in one' solution such as ActiveDirectory - there always seems to be pieces, such as GPOs, which you need to sort out yourself.
Take a look at:
RedHat Directory Server
Apache Directory Server
OpenLDAP
eDirectory
OpenDS
If you're looking for something that runs on Linux there are a couple of directory servers out there. The closest thing to Active Directory is probably the Mandriva Directory Server. RedHat also has their own directory server which does some of the same things.
I think the best Open Source competitor for AD will be FreeIPA. Like AD it integrates DNS, Kerberos and LDAP. It is not there yet in terms of features, but it looks like the upcoming release 2 will deliver the goods.
Gosa is another OSS project, but would need heavy customization for group policy like features. Since it is just a web front end for a custom OpenLDAP schema, it is reliable and fast. But the interface is awkward, especially for access control.
Zivios also looks like an interesting upcoming project. Edit on May 02 2012: Zivios hasn't been updated in a while.
There are a number of directory services implementations availible for linux. Most are based on LDAP and so provide a standardised language for applications that use the directory to communicate with. It also means you can communicate between different directory services.
Many of the Red Hat clones have their own implementation of the Red Hat Directory Server.
OpenLDAP is the directory service usually used for signon management. It can be coupled with MySQL for scaling.
Suse Linux at Novell has tools for management of desktops via server tools (zenworks of some sort, I believe).
Cobbler is meant to automatically roll out installs of Linux to systems and servers.
puppet is a tool for automating management of installs and maintenance as well.
As Kyle said http://likewise.com is best but there is other product bit similer http://www.centrixsoftware.com/workspace/product-data-sheet.html
I second all the recommendations for directory servers. As far as group policy stuff, it depends on your desktop. If you're using the Gnome desktop it's possible to set policies globally through the use of Gconf by placing XML files in to
/etc/gconf
. The way to do this across all your systems is to use some kind of configuration management tool (Puppet, Bcfg2, CFEngine etc). The tool will also take care of any other system configuration files you need to dictate policy.Take a look at Novell Open Enterprise Server (for Directory Services, File Sharing, Network Services) and Novell ZENWorks (for policy management and virtually any other client management sorts of things).
http://www.novell.com/products/openenterpriseserver/ http://www.novell.com/products/zenworks/configurationmanagement/