freeIPA logo

There is a new project on the block: freeIPA. This is an effort to shore up the existing identity infrastructure such as kerberos, LDAP, Samba and RADIUS. and make it all work together out of the box. For version 1 we’ll be concentrating on the I for identity and in later versions we’ll be adding the very important policy and audit capabilities. If this kind of thing interests you enough to want to contribute we have plenty to do.

Project blurb:

FreeIPA (so far) is an integrated solution combining:* Linux (currently Fedora)
* Fedora directory server
* FreeRADIUS
* MIT Kerberos
* NTP
* DNS
* Samba
* Web and commandline provisioning and administration tools

The goal of this version is to allow an administrator to quickly install, setup, and administer one or more servers for centralized authentication and identity management.

Motivation

For efficiency, compliance and risk mitigation, organizations need to centrally manage and correlate vital security information including

* Identity (machine, user, virtual machines, groups, authentication credentials)
* Policy (configuration settings, access control information)
* Audit (events, logs, analysis thereof)

Because of its vital importance and the way it is interrelated, we think identity, policy, and audit information should be open, interoperable, and manageable. Our focus is on making identity, policy, and audit easy to centrally manage for the Linux and Unix world. Of course, we will need to interoperate well with Windows and much more.

We are looking to take concrete and useful steps and so have chosen initially to focus on Identity solutions for the Unix/Linux world with some support for Windows login.

We intend to tackle centralized management of policy and audit information next.