Hi there, I'm working on making GNOME have an easy to use interface for joining a realm [1] (or an Active Directory domain) so that you can use domain logins on a machine. This is already doable on linux nowadays, but I'm working on making it just take a few clicks and perhaps a password.
realmd (pronounced realm-DEE) is a DBus system service started on demand which manages domain enrollment of the machine and setup of kerberos logins and so on. It exposes a simple and extensible DBus interface [2] which clients (like gnome-control-center) use. It uses package-kit to install necessary packages, and policy-kit to check for privileges. It doesn't support every possible option and incantation for joining a domain. The goal of realmd is to facilitate a really simple UI. For example it automatically detects whether a given domain is an Active Directory (and in the future IPA) realm, without asking the user to make that choice. realmd tries to use intelligent defaults. However a goal of realmd is to interoperate well with the current tools for doing this stuff, so advanced deployments can continue to use distro or custom tools. realmd is designed to support more than just Kerberos realms, although that's all it implements for now. For example in the future it could help the user setup Google Account based logins [3]. realmd supports setup of different stacks to handle the enrollment and authentication (eg: Samba+Winbind or SSSD are two different stacks). So far only support for Samba+Winbind has been implemented. Since there are some obvious differences between setting this stuff up on various distros, realmd has a way of doing basic customizations per-distro. I only have it working on Red Hat distros right now, but will shortly add Debian and a few others. Anyone interested in working with me on this? I'm really early on in this project right now, but it's hackable [4] and usable, and I'll get a proper project setup shortly. Cheers, Stef [1] Part of this work: https://live.gnome.org/Design/Proposals/UserIdentities [2] http://cgit.freedesktop.org/~stefw/realmd/tree/dbus/org.freedesktop.realmd.xml [3] http://www.chromium.org/chromium-os/chromiumos-design-docs/login [4] Lives here for now, but will move to fdo git: http://git.freedesktop.org/~stefw/realmd _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
