Zivios open source ID management suite takes on Novell's ZenWorks

One open source startup is taking on Novell in the identity management space.

Zivios dubbs itself as an enterprise management company but is not taking on the likes of Zenoss and Hyperic -- at least for now. Network monitoring and workflow features are planned but they are not in the first release.

As it stands, Zivios Enterprise Management Suite version 0.5.1 is an open source web-based PHP 5 application that uses MySQL and OpenLDAP as its data store. It features single sign-on, certificate authority, user, group and computer provisioning as well as remote management of services. It was released earlier this month.

Execs of the company -- which came out of stealth mode in September -- say the solution is released under GPL3 and will take on Novell's proprietary identity management solutions.

"It is akin to Novell Zenworks, Novel Zenworks Linux Management, Novell Zenworks Patch Management combined," said Rehan Zafar, COO at Zivios. "However- Novell Zenworks suite of products is designed to work in a Novell E-directory environment. Zivios uses completely opensource industry standard and popular technologies."

OpenLDAP is the backend for identity management and application integration and MySQL is used for panel specific data, the company states.

The suite comes with a web based panel and an extensible API that developers can exploit to create plug-ins.

The beta release came out Sept 11. The shipping version, available for download now, added a new front end for the DNS service and transactional rollback support. "Transaction rollback is of course the most important aspect of this release, allowing us to ensure that the directory service is in a clean state after failed operations," Zafar said.

Zafar offered a lot more information in an email sent to me this week:

"Zivios fits the same space as Microsoft's Active directory does in the windows arena, with a more ambitious road map. It provides:

- Identity management (Through Openldap and its plug in architecture, tying in solutions that don't work with simple LDAP

- Configuration management (Service level configuration management-changes that usually involve editing config files on remote servers)

- a powerful webbased front panel to LDAP This includes managing ACLs which allow you to provide delegated administration in a large network

- Provisioning (Of computers, Users, Groups, etc). Zivios does not only provision these in LDAP but goes as far as to provision them in the remote system also- in case the remote system does not talk to LDAP (Asterisk for example)

- Package Management. Zivios will allow for automatic service installation and even update/patch management for a large group of machines.

- Desktop Management. Zivios will allow you to manage your GNOME/KDE Desktop Policies in the near future- bringing it closer to the aims of Microsoft's Active Directory and Machine Group policies.

That's not all. Zafar also said Zivios will do all of the following automatically when a computer is added to it:

- Generate Proper SSL Certificates for all PKI requirements (Zivios also acts as a full fledged CA)

- Generate Kerberos Keytabs for secure communications during single sign-on.

- Make this system an Ldap client by properly configuring ldap.conf and nsswitch

- Make this system a kergbos client by properly configuring krb5.conf - Configure a Zivios agent on the remote system

- Start the agent. This completes the server add. The machine falls completely in Zivios's control through the Agent.