Datasheet 
Download 
Resources 
Quotation
Buy online 
Support 
Print Page 
Email Page 
t:: +44-(0)1684-576343
f:: +44-(0)700-6020779 enquiries@purplerage.com
Integrated Secure Authentication. Join Linux, Unix, and Mac machines to Microsoft Active Directory and securely authenticate users with their domain credentials for FREE with PowerBroker Identity Services Open.
- Joins non-Windows systems to Active Directory domains in a single step from the command line or from a GUI
- Authenticates users with a single user name and password on both Windows and non-Windows
- Enforces the same password policies for non-Windows users and Windows users
- Supports multiple forests with one-way and two-way cross forest trusts
- Caches credentials in case your domain controller goes down
- Provides single sign-on for SSH and Putty
- Uses a robust next-generation authentication engine that supports Kerberos, NTLM, and SPNEGO
- Involves no Active Directory schema changes.
Like to learn more about PowerBroker Identity Services Open? Here is a flash demonstration showing an installation of the product.
Features and Benefits
With PowerBroker Identity Services Open (formerly Likewise Open), non-Windows systems act as first-class citizens in the enterprise network. You can standardize on Microsoft Active Directory without losing the flexibility to choose other operating systems. PowerBroker Identity Services Open is already offered through the Ubuntu Linux repositories, and PowerBroker Identity Services offers native packages for other Linux distributions, Mac OS X, and many flavors of UNIX.
Set the Default Domain: If your Active Directory environment has only one domain, you can set PowerBroker Identity Services Open to assume the default domain, liberating users and groups from preceding their user or group name with their domain name when they log on a computer or switch users.
Set Up Apache for Single Sign-On: You can configure PowerBroker Identity Services Open and the Apache web server to provide single sign-on authentication through Active Directory with Kerberos 5. PowerBroker Identity Services Open-based SSO for the Apache HTTP server uses the Simple and Protected GSS-API Negotiation Mechanism, or SPNEGO, to negotiate authentication with Kerberos. The PowerBroker Identity Services mod_auth_kerb module lets an Apache web server running on a Linux or Unix system authenticate and authorize users based on their Active Directory domain credentials. Learn more about single sign-on.
Restrict Logon Rights: With PowerBroker Identity Services Open, you can require that a user be a member of an Active Directory group to log on a Linux, Unix, or Mac computer, or you can limit logon to only the domain users that you specify. In addition, you can display an error message when a user attempts to log on a computer without the right to access it.
Display a Message of the Day: PowerBroker Identity Services Open can display a message of the day. It appears after a user logs on but before the logon script executes to give users information about a computer. For example, the message can remind users of the next scheduled maintenance window.
Define the Home Directory and Shell for Domain Users: PowerBroker Identity Services Open lets you specify a home directory and shell for users who log on a Linux, Unix, or Mac computer with their domain credentials. Such a setting can be helpful if you want all the users to work with a particular home directory or a specified shell, such as /bin/bash.
Set the Umask for Home Directories: PowerBroker Identity Services Open presets the umask for an AD user's home directory and all the files in it to 022. With a umask value of 022, the default file permissions for your AD user account are as follows: Read-write access for files and read-write-search for directories you own. All others have read access only to your files and read-search access to your directories. You can, however, set the umask for home directories by modifying configuration for the PowerBroker Identity Services authentication daemon.
New in PowerBroker Identity Services Open 6.0
- Easy Upgrade: Already using PowerBroker Identity Services Open? PowerBroker Identity Services Open 6.0 is an easy upgrade, with a new registry mechanism that ensures existing settings are maintained while upgrading.
- Faster logon: PowerBroker Identity Services Open significantly improves login times for users with many group associations – in particular, large and complex groups.
- Enhanced password change support: PowerBroker Identity Services Open 6.0 lets non-Windows users in complex Active Directory topologies update passwords to comply with network policies.
Comparing PowerBroker Identity Services Open and Enterprise
What’s the difference?
PowerBroker Identity Services Open is freely downloadable open source software for authenticating Linux, Unix, and Mac computers with Microsoft Active Directory.
A chargeable support package is available otherwise support is available through online resources and community support forums.
PowerBroker Identity Services Enterprise is a commercially licensed, fully supported product that provides advanced Active Directory authentication, authorization, management, and reporting capabilities for Linux, Unix, and Mac OS X computers. PowerBroker Identity Services Enterprise includes a management console, MMC snap-ins, and hundreds of group policies that empower you to manage Linux and Unix computers within Active Directory.
Who should choose PowerBroker Identity Services Enterprise?If you have any of the following business requirements, PowerBroker Identity Services Enterprise is the solution for you:
| Feature | Business Requirement |
|---|---|
| MMC snap-ins for Active Directory Users and Computers | To seamlessly integrate Linux, Unix, and Mac users and computers into Microsoft Active Directory and manage their settings from a central location |
| Migration | To migrate user information from insecure NIS or /etc/passwd files into Active Directory |
| Granular Access Control | To customise the mapping of an Active Directory user to a set of Unix attributes so you can provide users with different primary and secondary group memberships on different machines |
| Group Policy | To simplify the management of your network with group policies and apply granular levels of access and privilege to different non-Windows users |
| Compliance and Security Reporting | To demonstrate compliance with regulatory and security requirements |
| Two-factor autentication with a smart card | To increase security or to use multiple distinct factors to authenticate a computer user |
| Operations Dashboard | To monitor security events in real-time |
| Command-line tools | To administer users, groups, and other objects in Active Directory from the command line of a Linux, Unix, or Mac OS X computer |
Feature Comparison
Feature |
PowerBroker Identity Services Open License |
PowerBroker Identity Services Enterprise Commercial License |
|---|---|---|
| Tools Included |
|
|
| Authentication Features |
|
|
| Group Policies for Linux, Unix, and Mac | Apply a few policies to all Linux systems together:
|
Apply hundreds of group policies to non-Windows systems selectively:
|
You are here:: Home>PowerBroker Identity Services>Open Edition