The FreeIPA project (www.freeipa.org) aims at providing software to manage security information across an entire enterprise or other computing environment.
The "IPA" part of FreeIPA stands for identity (identifying and authenticating users and machines), policy (settings for access control of applications and machines), and audit (methods for collecting and auditing security events, logs, and user activities).
The "identity" area of FreeIPA represents the first set of FreeIPA features to be implemented. If you want to centralize management of security information, you can try these features in Fedora 11. You can use this first release of FreeIPA to configure IPA servers for user identity management and centralized authentication. Then use FreeIPA clients to work with that information.
The software features that FreeIPA works with in this initial release include:
- Linux Fedora
- Network Time Protocol (NTP) Daemon
- Domain Name System (DNS) Daemon
- Fedora Directory Server
- Kerberos Key Distribution
CAUTION: Note that FreeIPA modifies the services just mentioned, so it is best to try FreeIPA only on test systems. In other words, don't use FreeIPA on your production servers.
(For RHEL, you can also use Enterprise IPA from Red Hat. See www.redhat.com/enterprise_ipa/ for details.)