PADL Software Pty Ltd

PADL Software Pty Ltd

 

About PADL

Articles

Commercial Software

Contacting PADL

Documentation

Open Source Software

Partners

Purchasing

Research and Development

Technical Support


 

Clarification on VAS Frequently Asked Questions

The document at http://www.vintela.com/support/faq/vasfaq.php#question5 makes a number of incorrect assertions about PADL's nss_ldap module. This article attempts to correct these.

  • Convenient Security. Vintela assert that PADL's nss_ldap module has "absolutely no Kerberos integration". The last sixty releases of nss_ldap have supported Kerberos authenticated LDAP sessions, with integrity and privacy.
  • Easy Configuration. Vintela assert that PADL's nss_ldap module does not support DNS SRV records for domain controller location. nss_ldap has supported the use of DNS SRV records since its initial release. Using ldapprofile, nss_ldap also supports the DUA configuration profile for directory-based configuration.
  • Scalability: Vintela assert that "PADL (sic) does not scale beyond a few thousand users". PADL's nss_ldap module leverages the operating system's name service cache daemon, as well as paged results, to efficiently use the directory server. For deployments where domain controller service is unreliable, a local proxy cache may be used to provide a persistent cache of directory information.
  • Kerberos Based Identities. Vintela assert that "PADL does not use kerberos in any form (sic)". Many of our customers have found nss_ldap, in conjunction with Kerberos, to be a compelling solution. Indeed, PADL developed the Kerberos Credentials Manager specifically for this type of deployment.

We acknowledge Vintela Authentication Services has a number of features suited to Active Directory; we are publishing this document simply so that customers may make an informed choice.

The PADL nss_ldap module is in use at a number of Active Directory deployments across the world.

Advantages of PADL's nss_ldap include:

  • No per-user or per-client license fees
  • Open source
  • Directory server-agnostic: works with Microsoft Active Directory, Novell eDirectory, OpenLDAP, Sun ONE Directory Server
  • Supported on all major platforms including AIX, FreeBSD, HP-UX, Linux and Solaris
  • Backed by commercial support from PADL, Symas, and others


Home | Bugzilla

Copyright 1999-2014 PADL Software Pty Ltd ABN 16 085 895 585. All rights reserved.
PADL is a registered trademark of PADL Software Pty Ltd.