Info SID RID UID GID, compatibility Windows/UNIX with AD
Tivoli Directory Server or IBM Security Directory Server
Authentification for UNIX users in Active Directory (AD)
Authentification for UNIX users in FreeIPA
^ ^ 389 Directory Server ^ FreeIPA ^
Use | General purpose | Single domain, focused on identity management |
Flexibility | Highly-customizable | Limitations to focus on identity and authentication |
Schema | Default LDAP schema | Optimized, special schema for identity management |
Directory Tree | Standard and flexible hierarchy | Flat tree with a fixed hierarchy |
Authentication | LDAP | Kerberos or Kerberos and LDAP |
Active Directory Synchronization | Bi-directional | Unidirectional, Active Directory to FreeIPA |
Password Policies | LDAP-based | Kerberos-based |
User Tools | Java Console and standard LDAP utilities | Web-based UI and special Python command-line tools |