What can open source software do for you?

Prometheon, Inc Consulting

Red Hat Directory Server and Apple’s OpenDirectory

March 29th, 2007 by rnix

Red Hat Directory Server is an LDAP-based server that centralizes application settings, user profiles, group data, policies, and access control information into an operating system-independent, network-based registry. Forming the central repository for an Identity Management infrastructure, Red Hat Directory Server simplifies user management, eliminating data redundancy and automating data maintenance. It also improves security: by storing policies and access control information, Red Hat Directory Server creates a single authentication source across the entire enterprise for both intra- and extranet applications.

* Centralizes management of people and their profiles, thus reducing administrative costs
* Acts as a central repository for user profiles and preferences, enabling personalization
* Allows 4-way multi-master replication of data across the enterprise, providing a centralized, consistent data source available to enterprise applications
* Enables single sign-on access with a partner solution
* Provides scalability for massive numbers of users by containing the information control required for developing extranet applications

Apple has made it easy to integrate Mac OS X and Mac OS X Server systems into virtually any managed network environment — thanks to Open Directory, Apple’s standards-based directory and network authentication services architecture. Although Apple’s Open Directory is based on the free OpenLDAP open source software, it requires OS X Server and Apple hardware.

Open Directory

Open Directory relies on powerful open source technologies, like OpenLDAP and Kerberos, for seamless interoperability with other standards-based LDAP servers. It can even plug into environments that use proprietary services, such as Microsoft’s Active Directory and Novell’s eDirectory. For organizations that haven’t yet deployed directory services, the Open Directory server is an easy-to-deploy solution that lets small operations benefit from centralized information. And because there are no per-user or per-seat fees, Open Directory can scale with the needs of your organization — without draining your IT budget.

Open Directory uses OpenLDAP, the open source implementation of LDAP, to provide directory services for mixed-platform environments. A common language for directory access lets you consolidate information from different platforms and define a single name space for all network resources. Whether you have Mac, Windows or Linux systems on your network, you can set up and manage a single directory; you don’t need to maintain a separate directory or separate user records for each platform. This also streamlines the user experience: Users can move effortlessly between Mac and Windows computers — and still gain authenticated single sign-on access to directory-based system and network resources.

Built into Open Directory is a robust authentication server using MIT’s Kerberos Key Distribution Center (KDC) — providing strong authentication with support for secure single sign-on. That means users need authenticate only once, with a single user name and password pair, for access to a broad range of Kerberized network services. For services that have not been Kerberized, the integrated SASL service automatically negotiates the strongest-possible authentication protocol.

NT Domain Services

Apple has integrated the NT Domain services of the popular open source Samba 3 project with Open Directory, making it possible to host NT Domain services on Mac OS X Server v10.4. You can set up Mac OS X Server as a Primary Domain Controller (PDC) or Backup Domain Controller (BDC) for your network, so Windows users can authenticate against Mac OS X Server directly from the PC login window. NT Domain services also enable Mac OS X Server to host roaming profiles and network home directories for Windows clients. Now any user in your directory can securely log in and access the same user account, authentication, home directory and network resources from a Mac or a Windows system. These capabilities make Mac OS X Server ideal for replacing aging Windows NT or Windows 2000 servers, without requiring businesses to transition to an expensive Active Directory infrastructure.

Mac OS X Server v10.4 adds the ability to define detailed user contact information in Workgroup Manager. When a user is added across any LDAPv3 directory domain, Mac OS X Server can import the account information — including phone, email, web log URL and home page URL — directly into the Address Book.

Open Directory features open source Berkeley DB, a highly scalable database, for high-performance indexing of hundreds of thousands of user records. With OpenLDAP and Kerberos standards, it’s easy to add clients from any platform and services from many vendors. In addition, a robust replication feature maximizes availability and scalability. By creating replicas of directory and authentication servers, you can easily maintain failover servers, as well as remote servers for fast client interaction on distributed networks.

System Configuration Collector

March 29th, 2007 by rnix

Have you ever noticed changes on your departmental server or an end-user’s desktop, but couldn’t quite pinpoint what exactly happened? How many times have staff forgotten to make an entry in the log-book, or the entries made were not detailed enough? Administrators are faced with these problems on a day-by-day basis. The System Configuration Collector (SCC) project attempts to automate this process. Rather than depending on staff to keep accurate records, SCC enables a system to record all changes taking place. Additionally, the software has the functionality to send all configuration data to a central server so that it can be analyzed when needed.

System Configuration Collector (SCC) collects configuration data of systems in snapshots. The structure of the snapshot allows SCC to compare a snapshot with the previous one and to detect changes in the configuration. Upon detecting changes, SCC adds the differences to a logbook. The snapshot and the logbook are converted to HTML for local inspection. Optionally, the SCC files can be sent to a system running the SCC server software. On the server, summaries of the SCC data are generated, and search/compare operations on the snapshots and logbooks are available via a web interface.

The logbook is a starting point in case a system “suddenly” does not work correctly and the administrator is wondering what he/she has changed in the last weeks or months. As most of us know by experience, configuration changes can have accidental side-effects on (other) systems. By examining the entries in the logbooks and considering the consequences, the cause of an actual problem might be found more easily than by just trying to remember the changes that were performed.

The snapshots can be used to compare the configuration of two systems. Imagine systems that are supposed to be identical but behave differently. Comparing parts of the snapshots of the two systems can indicate the cause of the difference in behaviour.
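The snapshot-to-logbook comparison described above, and the comparison of two systems' snapshots, can be sketched as follows. This is an added example, not SCC's own code: the `section:key=value` line format, the sample data and all function names are assumptions made for illustration.

```python
from datetime import date

# Constructed sample snapshots; the "section:key=value" line format is an
# assumption for this example, not SCC's own file format.
PREVIOUS = """\
network:hostname=web01
ssh:PermitRootLogin=no
ssh:PasswordAuthentication=no
users:deploy=uid 1001
stats:uptime=41 days
"""
CURRENT = """\
network:hostname=web01
ssh:PermitRootLogin=yes
ssh:PasswordAuthentication=no
users:deploy=uid 1001
users:tmpadmin=uid 0
stats:uptime=42 days
"""
VOLATILE_SECTIONS = {"stats"}  # values expected to differ on every run

def parse_snapshot(text):
    """Return {key: value} for every stable (non-volatile) snapshot line."""
    items = {}
    for line in text.splitlines():
        if "=" not in line:
            continue
        key, _, value = line.partition("=")
        if key.split(":", 1)[0] in VOLATILE_SECTIONS:
            continue  # skip noise so it never reaches the logbook
        items[key] = value
    return items

def diff_snapshots(old, new):
    """Return (kind, key, old_value, new_value) tuples, ordered by key.

    Works for previous-vs-current on one host and for host-A-vs-host-B.
    """
    changes = []
    for key in sorted(old.keys() | new.keys()):
        if key not in old:
            changes.append(("added", key, None, new[key]))
        elif key not in new:
            changes.append(("removed", key, old[key], None))
        elif old[key] != new[key]:
            changes.append(("changed", key, old[key], new[key]))
    return changes

def logbook_entries(changes, when):
    """Format each change as one dated logbook line."""
    return [f"{when.isoformat()} {kind} {key}: {old!r} -> {new!r}"
            for kind, key, old, new in changes]
```

Excluding volatile values before comparing keeps the logbook limited to real configuration changes, such as the root-login setting and the new UID 0 account in the sample data.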

The client and server software of SCC is available in the native system install-formats for HP-UX, Solaris, Linux (rpm), FreeBSD, NetBSD, OpenBSD and in source tar-balls. The client part of SCC is also available for Windows systems. SCC (client and server) is free software under the terms of the GNU General Public License. Copyright (©) 2001 – 2004 Open Challenge B.V. Copyright (©)

PacketFence Network Monitoring

March 25th, 2007 by rnix

PacketFence is an open-source package that provides network access control (NAC). Deployed in academic networks around the world, PacketFence is reliable, extremely configurable, and built upon unmodified open-source code (Fedora, LAMP, Perl, and Snort).

Vendor Agnostic

PacketFence is designed to operate in heterogeneous environments and uses vendor-agnostic isolation techniques including DHCP scope changes and ARP cache manipulation (“passive” mode). No Cisco, no problem.

Easily Installed

Distributed as an RPM, PacketFence installs quickly and easily on RHEL and Fedora. When deployed in passive mode, PacketFence plugs into a switch like any other host – it’s not even necessary to change your network configuration!

Feature Packed

PacketFence was doing NAC before NAC was cool. With over three years of active development, PacketFence is stable and provides many of the features of insanely expensive commercial offerings. Some of the more nifty features are listed below.

• Authenticate users using any authentication Apache supports (even more than one!)
• Registration-based and scheduled vulnerability scans.
• Captive portal-based user registration and remediation.
• Passive operating system fingerprinting using DHCP
• Ban unsupported operating systems (Windows 95/98/ME) or NAT-based routers.
• Automatically register game consoles or VoIP phones.
• Log location-based information using DHCP option-82.
• Protect multiple networks and 802.1q trunks.
• Scrumtrilescent web-based GUI.

Free

Best of all, PacketFence is licensed under the GPL and is totally free!

BackupPC Backup Solution for the Enterprise

March 10th, 2007 by rnix

BackupPC is a high-performance, enterprise-grade system for backing up Linux and WinXX PCs and laptops to a server’s disk. BackupPC is highly configurable and easy to install and maintain.

Given the ever-decreasing cost of disks and RAID systems, it is now practical and cost-effective to back up a large number of machines onto a server’s local disk or network storage. This is what BackupPC does. For some sites, this might be the complete backup solution. For other sites, additional permanent archives could be created by periodically backing up the server to tape. A variety of Open Source systems are available for doing backup to tape.

BackupPC is written in Perl and extracts backup data via SMB using Samba, tar over ssh/rsh/nfs, or rsync. It is robust, reliable, well documented and freely available as Open Source on SourceForge.

BackupPC Features

* A clever pooling scheme minimizes disk storage and disk I/O. Identical files across multiple backups of the same or different PCs are stored only once resulting in substantial savings in disk storage and disk I/O.
* One example of disk use: 95 laptops with each full backup averaging 3.6GB each, and each incremental averaging about 0.3GB. Storing three weekly full backups and six incremental backups per laptop is around 1200GB of raw data, but because of pooling and compression only 150GB is needed.
* Optional compression support further reducing disk storage. Since only new files (not already pooled) need to be compressed, there is only a modest impact on CPU time.
* No client-side software is needed. The standard SMB protocol is used to extract backup data on WinXX clients. On Linux clients, tar over ssh/rsh/nfs is used to back up the data. With version 2.0.0, rsync is also supported on any client that has rsync or rsyncd.
* A powerful web (http/cgi) user interface allows administrators to view log files, configuration, current status and allows users to initiate and cancel backups and browse and restore files from backups.
* A full set of restore options is supported, including direct restore (via smbclient, tar, or rsync/rsyncd) or downloading a zip or tar file.
* Supports mobile environments where laptops are only intermittently connected to the network and have dynamic IP addresses (DHCP).
* Flexible configuration parameters allow multiple backups to be performed in parallel, specification of which shares to back up, which directories to back up or not back up, various schedules for full and incremental backups, schedules for email reminders to users and so on. Configuration parameters can be set system-wide or also on a per-PC basis.
* Users are sent periodic email reminders if their PC has not recently been backed up. Email content, timing and policies are configurable.
* Tested on Linux, Freenix and Solaris hosts, and Linux, Win95, Win98, Win2000 and WinXP clients.
* Detailed documentation.
* Open Source hosted by SourceForge and freely available under GPL.

OpenOffice.org Word Processor, Spreadsheet, Presentation, and Database

March 10th, 2007 by rnix

OpenOffice

* Word Processor: Writer – a word processor you can use for anything from writing a quick letter to producing an entire book.
* Spreadsheet: Calc – a powerful spreadsheet with all the tools you need to calculate, analyse, and present your data in numerical reports or sizzling graphics.
* Presentation: Impress – the fastest, most powerful way to create effective multimedia presentations.
* Vector drawing tool: Draw – lets you produce everything from simple diagrams to dynamic 3D illustrations.
* Database: Base – lets you manipulate databases seamlessly. Create and modify tables, forms, queries, and reports, all from within OpenOffice.org.
* Mathematical function creator: Math – lets you create mathematical equations with a graphic user interface or by directly typing your formulas into the equation editor.

Native Mac OS X Version is called NeoOffice
* Aqua integration: Unlike OpenOffice.org, NeoOffice has native Aqua menus, file open and save dialogs, print dialogs, buttons, scrollbars, and many other native Aqua user interface elements.
* No X11 software required: NeoOffice uses the Java technology that is built into Mac OS X. By using Java, there is no need to download and install the X11 software that OpenOffice.org requires.
* Integrated with Finder and Mail: The Mac OS X Finder will automatically launch NeoOffice and open OpenOffice.org and Microsoft Office documents that you double-click on. Also the Mac OS X Mail application will open OpenOffice.org and Microsoft Office attachments in NeoOffice.
* Uses Mac OS X fonts: Unlike OpenOffice.org, NeoOffice uses the same fonts that all of your other Mac OS X applications use. This means that NeoOffice will handle reading and writing of Western European characters (e.g. characters with accents, umlauts, circumflexes, cedillas, etc.) and some fonts will even handle Japanese, Chinese, and Korean ideographs. Also, NeoOffice is able to use any fonts that you install using the /Applications/Font Book application.
* Handles international keyboards: Unlike OpenOffice.org, NeoOffice will use any keyboard layout that you use. Also, if you switch your keyboard layout while NeoOffice is running, NeoOffice will automatically switch as well.
* Native OS X printing support: NeoOffice supports printing using Mac OS X’s native printing functionality. Like other Mac OS X applications, you can use NeoOffice to print, preview, or save a document to a PDF file.
* Native copy and paste support: NeoOffice supports copying and pasting using Mac OS X’s native clipboard so you can copy and paste text and images between NeoOffice and other Mac OS X applications.
* Native drag-and-drop support: NeoOffice supports native drag-and-drop so you can drag and drop text and images between NeoOffice and other Mac OS X applications.