Microsoft Active Directory with RFC 2307
RFC 2307 was initially created to use LDAP as a Network Information Service. As enterprise requirements have evolved, Active Directory and RFC 2307 have also evolved.
For more information about RFC 2307, see the official RFC: https://www.ietf.org/rfc/rfc2307.txt
RFC 2307 support for Active Directory first launched with Windows Server 2003 and exists today in Windows Server 2016. However, the implementation has been through several iterations. The initial release of Active Directory with RFC 2307 was referred to as “Services for UNIX.” It was later renamed to “Identity Management for UNIX” and enables:
From a OneFS perspective, integrating RFC 2307 with Active Directory simplifies the management of users in a multi-protocol environment because only a single authentication provider is required to collect the SID and the UID with its associated GIDs. In this architecture, Active Directory stores the user credentials, and the RFC 2307 attributes store the UIDs and GIDs. OneFS does not require the NIS authentication component because only the UIDs/GIDs are used. Active Directory with RFC 2307 maps SIDs to UIDs/GIDs, eliminating the need for mapping in OneFS, which further simplifies management.
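The following added example (not Dell or OneFS code) shows the SID-to-UID/GID relationship described above as a directory audit: it decodes the binary `objectSid` and pairs it with the RFC 2307 `uidNumber` and `gidNumber` attributes, flagging accounts that lack them and UIDs shared by more than one account. The entries, the domain SID, and the function names `make_sid`, `sid_to_str` and `audit` are constructed for illustration; real entries would come from an LDAP search against the domain.

```python
import struct
from collections import defaultdict

def sid_to_str(raw: bytes) -> str:
    """Decode a binary objectSid: revision, sub-authority count,
    48-bit big-endian authority, then little-endian 32-bit sub-authorities."""
    rev, count = raw[0], raw[1]
    if len(raw) != 8 + 4 * count:
        raise ValueError("malformed SID")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack("<%dI" % count, raw[8:])
    return "S-%d-%d" % (rev, authority) + "".join("-%d" % s for s in subs)

def make_sid(rid: int) -> bytes:
    """Build a binary SID in a made-up domain (constructed sample data)."""
    return bytes([1, 5]) + (5).to_bytes(6, "big") + struct.pack(
        "<5I", 21, 1111, 2222, 3333, rid)

# Constructed directory entries, shaped like LDAP search results.
ENTRIES = [
    {"sAMAccountName": "alice", "objectSid": make_sid(1104),
     "uidNumber": "10001", "gidNumber": "20001"},
    {"sAMAccountName": "bob", "objectSid": make_sid(1105),
     "uidNumber": "10002", "gidNumber": "20001"},
    {"sAMAccountName": "carol", "objectSid": make_sid(1106),
     "gidNumber": "20001"},                          # no uidNumber set
    {"sAMAccountName": "dave", "objectSid": make_sid(1107),
     "uidNumber": "10001", "gidNumber": "20002"},    # reuses alice's UID
]

def audit(entries):
    """Return (SID -> (uid, gid), accounts missing attributes, shared UIDs)."""
    mapping, missing, by_uid = {}, [], defaultdict(list)
    for e in entries:
        uid, gid = e.get("uidNumber"), e.get("gidNumber")
        if uid is None or gid is None:
            missing.append(e["sAMAccountName"])
            continue
        mapping[sid_to_str(e["objectSid"])] = (int(uid), int(gid))
        by_uid[int(uid)].append(e["sAMAccountName"])
    collisions = {u: names for u, names in by_uid.items() if len(names) > 1}
    return mapping, missing, collisions

if __name__ == "__main__":
    mapping, missing, collisions = audit(ENTRIES)
    for sid, ids in mapping.items():
        print(sid, "-> uid=%d gid=%d" % ids)
    print("missing RFC 2307 attributes:", missing)
    print("UIDs shared by several accounts:", collisions)
```

Accounts in the `missing` list cannot be resolved to a UID/GID from the directory alone, and a shared UID means two distinct Windows identities are the same user on the POSIX side.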
Across Windows Server 2003, 2008, 2012, and 2016, RFC 2307 support has varied significantly, not only cosmetically but also in the overall implementation. For more information about the changes throughout the years, see this Microsoft TechNet blog post. Although the RFC 2307 implementation has changed throughout the releases, the RFC 2307 attributes (GID, UID, and so on) in Active Directory continue to exist, which is all that is required for simplifying a multi-protocol implementation with OneFS.