What do you use when not using AD? Do you use an LDAP based system that is open source?
Tom, if your reading this it would be great to hear what your using and possibly a video on this.
We don’t have a federated access system in our office. Each staff member has an account for each service they log into with separate 2FA and unique password. That being said, there are not that many systems for my staff to log into, Solarwinds, ScreenConnect, Gsuite, InvoiceNinja & the Wiki.
For clients it’s varies based on the type of client. Gsuite, Azure AD /Office 365 or on prem AD server. I have not seen any GOOD open source solutions to this and due to so many products using the Microsoft AD as the auth method it’s not that simple to replace it with something else.
If you have time to test solutions try Univention Corporate Server Core Edition. https://www.univention.com.
Previously I had been using FreeIPA as a authentication / FreeRADIUS server. But in the last few years I have been using Univention Corporate Server. Univention Corporate Server has worked well for me as a Active Directory replacement, general purpose OpenLDAP server as well as a FreeRADIUS server. The web interface is excellent and the change password module is what sold me, other than the Active Directory alternative. The paid support is a little pricey, however it does have support, I’ve never used the support so I can’t say how good it is.
I know there are a lot of products like this out there, I have tested many, but this works for me and my 250 mixed Windows, Mac and Linux users. I hope this gives you a good starting point.
3 Likes