Last week, Hopkins purchased a University-wide site license for Likewise Enterprise for the purpose of integrating Mac, Linux, and Unix machines with the Johns Hopkins Enterprise Active Directory (JHED). Departments that choose to utilize the software will be able to apply group policies and have single sign-on (using their JHED), to their Mac, Linux, and Unix machines.
“[Likewise Enterprise] gives the ability to have policy set in machines,” Arne Gallagher, Director of Education Sales for Likewise Software, said. “It can push [policies and settings] to all the machines.”
The Hopkins central Informa- tion Technology (IT) department utilizes Microsoft Active Directory as its directory service, a software system that organizes and allows management of the Hopkins computer network. It allows administrative management of individual machines and departmental networks. It is the tool that central IT uses to manage the Hopkins network: updating systems, implementing IT policies and managing security risks.
But only machines that run Windows can natively participate with Microsoft Active Directory. Macs, Linux and Unix machines cannot join without additional software or hardware solutions.
Having access to the Active Directory would allow Mac, Linux and Unix machines previously lacking in network management ability under the Active Directory to be managed nearly as well as a Windows machine with Active Directory.
Likewise Enterprise offers other features including an security event log allowing central IT to better monitor security events.
“When security events happen, they are flagged in a reporting system,” Luke Dieker of Partnership and Marketing for Likewise Software said. “System admins can identify where security instances happen and investigate them.”
Kyle Reynolds, IT Manager for the Institute of Computational Medicine, was one of the first adopters of the Likewise software and was also one of the primary advocates for purchasing the software.
“I stumbled across [Likewise] a couple years ago,” Reynolds said.
“The big [benefit] is [individual departments] don’t have to manage user management infrastructure.”
By participating in the Active Directory, user accounts in the directory are managed by The Johns Hopkins Enterprise Directory (JHED).
JHED enforces password complexity standards and the JHED Logon ID (LID) provides users with a single username and password needed to access any authorized and participating Hopkins department. Enforcement of password standards ensures greater security for users and the network. Single sign-on allows users to use their JHED LIDs to log into participating departmental networks, instead of having to remember multiple usernames and passwords for each departmental network because of the separate user management systems employed by each.
Likewise, Enterprise is mainly a management tool and aside from a simplified login process, most users will not see much from the program.
“Normal users should not notice a difference,” Dieker said.
According to Reynolds, the plans for the spread of the software are still being discussed by the Johns Hopkins central IT department.
The central IT department was unable to comment before the publication of this article. Some departments, however, may choose not to utilize the software.
Due to the decentralized nature of IT at Hopkins, some departments have developed their own user management infrastructure and computer integration solutions for their department’s network.
“[Some departments] have internal systems that work well,” Reynolds said.
The prospect of overhauling their systems and migrating all their machines to a new platform when they already have a well-functioning solution may make them tentative about adopting the software.
“Migration is always a big deal. It is not a trivial task,” Reynolds said.
