Likewise Enterprise allows users to log on to Linux/UNIX computers using their Active Directory credentials. The Likewise Enterprise Agent uses the Kerberos authentication protocol to communicate with an AD domain controller and verify that the supplied username and password are correct. Likewise Enterprise also queries AD to ensure that the user has sufficient privileges to log on to a machine and to obtain the user’s Linux/UNIX user and group IDs.
What happens if the agent cannot communicate with AD? Although modern networks are extremely reliable, network architects should not rely on perfect connectivity, especially when a network spans multiple geographic sites. Branch offices and other satellite facilities may be connected to the Active Directory domain controllers through leased lines or through virtual private networks (VPNs) that are subject to occasional failure.
Likewise Enterprise is tolerant of communication failures. The Likewise Enterprise agent caches user account information so that it can authenticate users even if it has temporarily lost connectivity with AD domain controllers. It uses the same logic employed by the Microsoft Windows™ operating system: if a user has previously logged into a machine, the machine will cache these credentials and allow the user to log on again even if no AD domain controller is available.
Long-term and Short-term Credential Caching
Although most network outages are short-lived, the Likewise Enterprise agent also supports long-term credential caching. This feature allows Linux/UNIX laptop computers to run Likewise Enterprise even though they might be disconnected from an Active Directory domain controller for extended lengths of time. The lifetime of the Likewise Enterprise credential cache can be configured to be short for optimal security or long to account for laptop and other computers that may be disconnected for protracted periods.


