Sun VDI 3 - What is it about - Directory Integration
By MrDGrobler on Feb 09, 2009
Name a customer who is not using a directory service. There are barely any. In the Sun VDI 2 world there hasn't really been an integration with the directory world. Simple identifier have been used, that happen to match with an user ID in a directory. Things changed with Sun VDI 3:
A directory is now a key element of the Sun VDI story. Basically, without a directory binding it is not possible to assign a user to a desktop. And here we focus primarily on Active Directory being dominant in the Windows world. In addition we support Sun's LDAP directory. Other directories might need some manual intervention and are not covered out of the box or we simply don't know at this point.
Main purpose for the binding to the directory is to identify the entities that should get access to a desktop in one way or the other. Entities are users and user groups. Sun VDI 3 has a predefined understanding of what a user and a user group is. This understanding is identical to the one implemented in Secure Global Desktop (SGD). Besides the fixed definition of a user or a user group we have a custom query mechanism for LDAP similar to the one found in SGD.
Next to entities from the directory we have also included tokens into the list of managed objects. Tokens are the IDs of a smartcard or the ID of a Sun Ray Desktop Unit (DTU). You may ask, why is this included into a VDI solution. Sun Ray Server Software provides this feature as well.
Quick answer to that question is, Sun VDI 3 targets to be a self-contained solution that can be used by various clients, where one - a prominent one, of course - is the Sun Ray. Managing in this context the relationship between a smartcard, a user and a desktop is a core functionality that should be in one place and not spread around various places.
Effectively this gives an administrator a number of choices:
- Assignment of a user to an individual desktop
- Assignment of a user to a pool
- Assignment of a user group or custom query to a desktop or pool
- Assignment of a token to a user - so when you stick in your card, the desktop(s) of a user are presented to the user.
- Assignment of a token to a desktop or a pool - this allows to have different smartcards for a desktop or to assign a DTU to a desktop, which is then more or less acting like a real PC.
Well, that's it in on the directory integration. At least on the surface ;-) Give it a try with the current public Early Access Program and let me know what you think about.