Blog

Jul
03

Creating a single sign-on solution using open-source software

Many people would simply look at this task and dismiss it because they think, surely you need to spend lots of money of a costly commercial solution, because something that is (almost) free can’t be good?

Fortunately this is not the case because there are many tools available either as part of your OS distribution, or directly downloadable from the Internet. This is also helped by the fact that most vendors now use standard components such as Kerberos and LDAP so it is relatively easy to creating tools that provide integration.

OK but how?

If you already have a Microsoft Windows server then Active directory can easily be used as a single-sign-on system for both AIX and Linux clients. If you only have AIX/Linux systems then OpenLDAP can also be used in conjunction with Samba.

Samba can provides SMB/CIFS file-sharing services for AIX/Linux and can also provide Active-Directory and Domain services.

Whether or not you use Windows/AD, your AIX/Linux systems need to install an LDAP client capable of binding with your Directory server, and Kerberos to provide encryption and ticket handling, all of which is simple to configure and does not require costly licences.

There is some overlap between Samba and Microsoft/AD, however this does not prevent you from installing both thus enabling you to not only have single sign-on but also to directly read and write data stored on Windows NTFS filesystems.

Our team can assist you implementing a single sign-on solution for AIX/Linux.
Please feel free to contact me for more information at andrew.cowan@systemscanaix.com or 0031 88 2583346.