What is our primary use case?
We use the solution for compliance with password requirements and enhanced security. It allows us to adhere to various SOX compliance requirements.
The ease of administration has reduced the amount of time my team spends on access requests for Red Hat servers. It's ability to utilize Active Directory accounts and network passwords to access the servers that have been added to the domain. We have the ability to utilize domain services on older Red Hat Linux servers where the native tool doesn't support earlier versions.
The solution allows us to utilize command restriction to prevent so much root access from being allowed while also deploying to multiple servers to maintain consistency.
How has it helped my organization?
This has greatly reduced my team's time on account management within our Red Hat environment. We were also able to pass some of the routine access requests to our Helpdesk/Desktop Support team to lighten my team's workload. Less password reset and unlock requests have come through to our team since the servers utilized Active Directory accounts for access. Users do not have to remember so many different username and password combinations to access the servers they manage.
What is most valuable?
We like that we have user accounts and passwords that match our domain so users are not trying to remember 30 different usernames and passwords for various servers. The command restrictions prevent so much root access from being allowed. We are able to utilize GPO to push policy down to multiple servers rather quickly. The product also supports older versions of Red Hat in our environment. This allows us to maintain security on these servers that are already vulnerable due to age until we can fully get them out of the environment.
What needs improvement?
Sometimes, policy changes must be forced in by removing and re-applying policies locally on the server. It would be nice to see that the check-in process happens more often and that those changes happen much quicker on its own.
Since this is tied to Group Policy, seeing some support around Advanced Group Policy Management would be nice. We are tightening security and processes around Group Policy in our domain, but Advanced Group Policy Management does line up with how Authentication Services work without the security and check-in/out process that AGPM has.
For how long have I used the solution?
I've used the solution for the last three years. That said, previously, we had used it for a couple of years, many years ago.
What do I think about the stability of the solution?
The solution is mostly stable; it has some quirks at times.
What do I think about the scalability of the solution?
Scalability is typically around licensing - buy more, and you can simply add more servers.
How are customer service and support?
Support has always been very helpful. KBs are always easy to find.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We only tested the native AD join tool that came out around RHEL 7. We switched to Authentication Services as it offered support for older versions of RHEL where the native solution didn't.
How was the initial setup?
The initial setup is straightforward.
What about the implementation team?
We did the setup in-house.
What was our ROI?
ROI is more around manhours saved with administration around user accounts going from locally managed individually to globally managed through AD and applying configuration and policy settings at scale instead of individually.
What's my experience with pricing, setup cost, and licensing?
Setup is simple, however, the cost can be expensive.
Which other solutions did I evaluate?
We did look into the RHEL native AD join tool.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
