< Back to index

Vintela Authentication Services (VAS) extends Windows authentication, trust, and user provisioning to UNIX and Linux. Users are defined in Active Directory. UNIX-specific attribute such as home directory, or login shell, are stored in Active Directory. This can be done without having to extend the Active Directory Schema, because Microsoft supports RFC 2307 with release "R2" of Windows Server 2003. Users login to UNIX or Linux using their Active Directory username and password.

Like Windows, VAS uses Kerberos for authentication, trust, and single sign-on. The integration provided by VAS enables a user to login once (for example when they login to their Windows workstation), and then access resources across a single Kerberos realm that includes both Windows and UNIX/Linux hosts without having to enter their password a second time. Using VAS, UNIX and Linux systems can join the Active Directory domain. This integration doesn't require any synchronization process.

The integration provided by VAS can be further extended to the application layer through the use of Pluggable Authentication Module (PAM) and Name Service Switch (NSS). If the application is written to PAM, then the application will automatically use the VAS authentication facility and the application users can become part of the trusted zone. If the application supports Kerberos using GSSAPI, then VAS extends authentication and single sign on to the application users. Web application single sign-on uses Kerberos and the SPNEGO mechanism provided by Internet Explorer or Mozilla.

Vintela began as a Utah company and was acquired by Quest Software in 2005.
This entry uses material from from Wikipedia, the leading user-contributed encyclopedia. It is licensed under the GNU Free Documentation License. Disclaimer.