In my previous post I reviewed the trends related to the integration of Linux systems into environments managed by Active Directory (AD). In this post I will review two integration options, namely: direct integration and indirect integration.
The direct option is, not surprisingly, when your systems are integrated into AD directly (i.e. your Linux systems communicate directly with AD), while the indirect option leverages an intermediary server (see figure below).
Before we dive into an overview and detailed comparison of these two integration options we need to define “the aspects of the integration”. The aspects of integration are:
- Authentication - A user logs into a Linux system, how is he or she authenticated?
- Identity Lookup - How does a given system know about the right accounts? How are Active Directory accounts are mapped to accounts used on Linux?
- Name Resolution and Service Discovery - How does a system know where to find its authentication and identity server?
- Policy Management - How are other identity related policies are managed on the system?
Having outlined this set of criteria, my next post will use it towards reviewing both the direct and indirect integration options in greater detail.