I’ve set up an LDAP server at several companies and was always frustrated by how arcane they are to build and operate. So I built a SaaS one (well, a beta anyway) that’s easy to use with a simple web interface for group management, integrates with Google Apps (which is the core identity used by most young companies now), and is scalable and fully redundant. It also serves SSH keys directly to sshd, so users can take care of their own key management (and soon, admins can enforce password and key rotation schedules).
I know Aren from school, ad i am familiar with the multitude of problems he has solved at various companies. This should be a plug-and-play solution for others!
And yes, if a user is deprovisioned in GApps then their LDAP credentials are suspended until they are re-activated. The goal of Foxpass is to make GApps the source of truth.
This is a great idea and something I've searched for in the past when looking for a way to authenticate our own internal apps using Google Apps credentials.
11 comments
[ 2.6 ms ] story [ 26.7 ms ] threadHN, I’d love your feedback!
Ok, one more question: If I deprovision someone in GApps, will they automatically deprovision elsewhere? Vice versa? Where's the source of truth?
I think that OAuth2 is all that Google supports right now for Google Apps authentication, at least according to https://developers.google.com/accounts/docs/OAuth2.
And yes, if a user is deprovisioned in GApps then their LDAP credentials are suspended until they are re-activated. The goal of Foxpass is to make GApps the source of truth.
Do you support starttls?