What we want
What is the goal?
- SSO (single sign on). Early in the morning when you turn on your computer, then you have to enter your password. Then you never have to reenter it until you close the session. This includes services like mail and logins to other computers.
- central administration: we don't want to enter all user data on every /etc/passwd file on every machine. We want to store it on one place.
- security: passwords never pass the network in clear text. Sensible information is only readable by authorized persons.
- extensible: The solution shall not be limited to one unit (company, group of people ...). Real life structures should be able to be reflected by the storage structure.