APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Kerio Unity Directory Service


2012/09/08

Although Kerio Unity is still in beta as I write this (see Openness and Kerio Unity for the link to join the beta testers), indications are that Kerio will be releasing this soon as Knowledge Base articles referencing its configuration and use have already been posted.

If you are already using a directory service like Microsoft Active Directory or Apple Open Directory, you don't need Unity. This product is targeted at companies who are not using any directory service and it is only useful with Kerio products:b Unity doesn't even begin to have the features of those other servers.

What Unity will provide is single sign-on convenience for all Kerio products: if you authenticate to Connect, you'll be able to fire up Workspace without logging in again. If you log out of Connect, you'll be logged out of Workspace (and Operator and control) at the same time. This works for Administration also, though these are tracked separately: you'll need to login to Adminstration in one product even if you have already logged in as a user to that or another Kerio product.

Tracking is accomplished by cookies, but there is a difference for Administration: user product cookies have a lifetime of 6 days, while Administration cookies are deleted upon logout.

It is not known whether this will be a free product, but my expectations are that it will either be free or very low cost.

I have played with the beta. It's quite simple - basically you just enter the users and their passwords. Configuring your Kerio products to use it is available, but hidden, in current versions - join the beta forum to learn how to do this (or wait until the next release of your products as this feature will almost certainly be visible in those).

You will be able to migrate existing users to Kerio Directory. See Migrating users and groups into Kerio Directory.

Once in place, from the users point of view nothing has changed except that they now only have to login once. Do remember to make them aware that logging OUT of one product currently logs them out of all - it's of course trivial to log back in, but this could be unexpected by users who have been accustomed to logging in and out separately.

Note that at the present time it is only available as a VMWare appliance or a Debian Linux application. That has caused some upset in the forums - while the more technical users see no difficulty with that, some of the users who are most likely to want this are unable to meet that technical hurdle and are begging for Mac or Windows versions. I have no idea whether Kerio will do any of that, but if you are one of my customers and need assistance in this area, of course I'll be happy to provide it.

Related Knowledge Base Articles:




Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Kerio Unity Directory Service


1 comment



Increase ad revenue 50-250% with Ezoic


More Articles by

Find me on Google+

© Anthony Lawrence







Sun Sep 9 22:08:31 2012: 11283   NickBarron

gravatar


I am trying to see the use of it...

In an all Kerio environment Control (never going to happen without IPsec Kerio!!) Operator, Connect and Workspace it may just be useful.

Other than that I think it will gain traction. I like to see Kerio trying new things, generally they have a very good approach so I may be missing a trick here.

------------------------
Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us





What happens then? Is there a ticker tape parade and heartfelt thanks from the computer it has reached? No, my friends, there is not. The poor packet is immediately gutted, stripped of its protective layers and tossed into the hungry maw of whatever application (mail, a webserver, whatever) it belongs to. (Tony Lawrence)

Computers are like Old Testament gods; lots of rules and no mercy. (Joseph Campbell)







This post tagged: