[Freeipa-users] Assessment of FreeIPA for local central authentication and user management service for a single server with multiple services in need for AA
Oguz Yilmaz
oguzyilmazlist at gmail.com
Tue Mar 27 08:32:53 UTC 2012
Hello,
I plan to implement a common authentication and authorization system
for several Linux applications. My research has redirected me to
FreeIPA, and I am happy to know about such a good project.
However, I dont have any purpose of managing non-windows computers and
users. This is a one gateway box, single machine system.
My planned system has several services, Some examples to use that AA
system is: xl2tpd, pptpd, openvpn, squid and some custom made web
applications.
I need the following functions for those services and applications:
- User authentication
- User roles and authorization (vpnuser, manager, webuser...)
- User, role and credentials management (creating users by admin,
passsword changes by users,...)
- AD and radius sync or proxying AA.
The services can be connected to the AA system through an
authenticator system binary. Binary is called with user credentials
and service requesting AA; and results in grant or reject. System
services may use this binary for checking authentication and
authorization.
Do you think FreeIPA is a good choice? What would you suggest, otherwise?
Best Regards,
--
Oguz YILMAZ
More information about the Freeipa-users
mailing list