Vintela Authentication from SCO
Not strictly a single sign-on (SSO) product,Vintela Authentication is designed to provide a more cost-effective solution than SSOs to the problem of users having different login credentials to Windows and UNIX resources.
It handles this by allowing UNIX logins to be authenticated by Microsoft Active Directory. It is not an SSO product, because it does not give transparent access to all resources following a single login – every time you need access to a resource, you have to give that resource your username and password (which are the same across all supported platforms).To the user, this looks like username and password synchronization, but it is not.
It works in real time with Active Directory to authenticate users to UNIX resources transparently.
Users simply use the same username- password combination that they use to access Windows. It also works with UNIX Pluggable Authentication Modules (PAM) and Name Service Switch (NSS) to allow it to be integrated easily with existing UNIX applications. Legacy applications can be supported by a scripting interface that also integrates with modern web backend scripting languages such as CGI, Perl, Python, and PHP.
To communicate with Microsoft Active Directory, Vintela uses standard Kerberos and LDAP protocols in the same way as a Windows XP workstation. It is also designed to be particularly tolerant of slow or unreliable connections – even dialup connections are well supported.
For example, when the network connection between the user and the Active Directory server is down, users that have previously logged into local UNIX machines will continue to be able to log into them, because the authentication credentials are cached locally in an encrypted form.
Vintela integrates with Windows 2000 and XP workstations because no client-side software is required for these platforms (it is for UNIX workstations and servers).
Supported platforms include Sun Solaris, Linux and SCO's own various Linux/UNIX distributions.
Version 2.2 adds support for IBM AIX and HP/UX, plus the Microsoft Windows Services for UNIX (SFU) schema, which means it can leverage users and groups managed by SFU without having to reset the UNIX account information.The product is highly scalable, and even suitable for huge UNIX platforms, but it only works with Microsoft Active Directory. Aside from that, it is a more cost-effective solution than SSO to the problem of differing login credentials for Windows and UNIX resources.