Features/LikewiseOpen

= Likewise Open =

Summary
Likewise Open joins Linux machines to Microsoft Active Directory and securely authenticates users with their domain credentials.

Owner

 * Name: Scott Salley


 * Email: ssalley@likewise.com

Current status

 * Targeted release:
 * Last updated: March 1, 2010
 * Percentage of completion: 90%

Detailed Description
After joining to Active Directory, users will be able to log in with their domain credentials.

Benefit to Fedora
The addition of Likewise Open will allow Fedora into environments where computers and users must be managed by Active Directory, namely large corporations dominated by MS Windows.

Scope

 * 1) Get changes into SELinux
 * 2) OpenLDAP version is appropriate
 * 3) Kerberos version is appropriate

How To Test
A misconfigured authentication system can prevent all logins! Initial testing should be done with a system you don't care about or through a VM.


 * 1) Join you machine to Active Directory through either the command line or GUI interface.
 * 2) domainjoin-cli join DOMAIN.COM DOMAIN\\username 
 * 3) domainjoin-gui
 * 4) Attempt logging in as a domain user.
 * 5) ssh by DOMAIN\\username@localhost

The number of 'whacks' between DOMAIN and username varies depending on if the 'whack' is an escape character.

All programs should behave normally once you are logged in.

User Experience
Login screens and prompts will appear the same as usual but Active Directory credentials will accepted.

Dependencies
No other packages are dependent on Likewise Open.

Likewise Open is dependent on
 * OpenLdap
 * Kerberos
 * SELinux

Contingency Plan
Likewise Open is not a necessary part of the distribution and nothing (but my ego) will be harmed if it is not included.

Documentation

 * Likewise Open 

Release Notes

 * Likewise Open provides a means to authenticate with Microsoft's Active Directory.

Comments and Discussion

 * See Talk:Features/LikewiseOpen