By: Andrei Muresanu user 24 Feb 2018 at 5:30 p.m. CST

1 Response
Hi, I was looking at Gluu to use it as an auth gateway to various components on my NAS. I would have also liked to use its OpenLDAP as the authentication source for the actual Linux running on the box as well as Samba, etc. I was surprised to see, though, that the rfc2307bis & samba3 schemas (and therefore their defined object classes) are not loaded by default and no support for automatically adding default values for their respective attributes exists in Gluu. Or is there?

Could Gluu also be used as something akin to FreeIPA? I like the MFA functionality and it would be great if it somehow would be integrated into something like this (it would require embedding it in the LDAP server, though, I guess - or something like RADIUS auth...). Is there any plan for something like this (actually making it a full identity management system - as in also for infrastructure services)?

Could I accomplish something like that as it is now via some configuration (like making it so that when adding a new user from the interface, Gluu automatically adds the same-named group and sets uidNumber, gidNumber, home dir, cn, etc. automatically to valid values)? For my use case I can hack this config directly into the LDAP server (change the objectClass of 3-4 users, add the respective attributes, etc.) but I would have preferred to have it available from the interface. Also, this would not solve my MFA requirement.
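As an added illustration of the auto-provisioning Andrei asks about (a same-named group, with uidNumber, gidNumber, home directory and cn filled in with valid values), here is a small Python script that is not part of this thread and not Gluu's own code: it allocates the next unused number across all existing users and groups, and emits the LDIF for an rfc2307bis-style posixAccount together with its private posixGroup. The base DNs, the ID floor of 10000, the login shell and the choice of groupOfNames as the structural class for the group are assumptions, and the existing directory entries are constructed sample data.

```python
import re
from typing import Dict, List

# Constructed sample of what is already in the directory (not dumped from any
# real server): users carry uid/uidNumber/gidNumber, groups carry cn/gidNumber.
EXISTING_ENTRIES: List[Dict[str, str]] = [
    {"uid": "alice", "uidNumber": "10000", "gidNumber": "10000"},
    {"cn": "alice", "gidNumber": "10000"},
    {"uid": "bob", "uidNumber": "10002", "gidNumber": "10002"},
    {"cn": "bob", "gidNumber": "10002"},
]

# Assumed tree layout and ID policy; adjust to the real directory.
PEOPLE_BASE = "ou=people,o=example"
GROUPS_BASE = "ou=groups,o=example"
FIRST_ID = 10000  # stay above the distro's local account range
LOGIN_SHELL = "/bin/bash"
HOME_ROOT = "/home"

# Conservative POSIX user name rule: lowercase start, no spaces, max 32 chars.
POSIX_NAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def next_free_id(entries: List[Dict[str, str]], first: int = FIRST_ID) -> int:
    """Lowest number >= first that no entry uses as uidNumber or gidNumber.

    Checking both attributes lets the user and its private group share one
    number without colliding with any existing account or group, which is
    what keeps two NAS accounts from being treated as the same owner on disk.
    """
    used = {int(e[k]) for e in entries for k in ("uidNumber", "gidNumber") if k in e}
    n = first
    while n in used:
        n += 1
    return n


def build_posix_entries(username: str, full_name: str,
                        entries: List[Dict[str, str]]) -> Dict[str, object]:
    """Return LDIF for a posixAccount plus a same-named posixGroup."""
    if not POSIX_NAME_RE.match(username):
        raise ValueError(f"{username!r} is not a safe POSIX user name")
    if any(e.get("uid") == username or e.get("cn") == username for e in entries):
        raise ValueError(f"user or group {username!r} already exists")
    if not full_name.strip():
        raise ValueError("full name is required for cn/sn")

    ident = next_free_id(entries)
    surname = full_name.split()[-1]  # inetOrgPerson requires sn; last token is a fair default
    home = f"{HOME_ROOT}/{username}"

    user_ldif = "\n".join([
        f"dn: uid={username},{PEOPLE_BASE}",
        "objectClass: inetOrgPerson",
        "objectClass: posixAccount",   # rfc2307bis: AUXILIARY, attached to the person entry
        "objectClass: shadowAccount",
        f"uid: {username}",
        f"cn: {full_name}",
        f"sn: {surname}",
        f"uidNumber: {ident}",
        f"gidNumber: {ident}",
        f"homeDirectory: {home}",
        f"loginShell: {LOGIN_SHELL}",
        f"gecos: {full_name}",
    ]) + "\n"

    # In the rfc2307bis draft posixGroup is AUXILIARY, so the group needs a
    # structural class; groupOfNames with the user as sole member is assumed.
    group_ldif = "\n".join([
        f"dn: cn={username},{GROUPS_BASE}",
        "objectClass: groupOfNames",
        "objectClass: posixGroup",
        f"cn: {username}",
        f"gidNumber: {ident}",
        f"member: uid={username},{PEOPLE_BASE}",
    ]) + "\n"

    return {"uidNumber": ident, "gidNumber": ident, "homeDirectory": home,
            "user_ldif": user_ldif, "group_ldif": group_ldif}


if __name__ == "__main__":
    result = build_posix_entries("carol", "Carol Example", EXISTING_ENTRIES)
    print(result["user_ldif"])
    print(result["group_ldif"])
```

In practice the entries list would be a search result over the people and groups subtrees rather than a literal; the point of scanning both uidNumber and gidNumber before allocating is that a duplicated number, not a duplicated name, is what lets one account read or write another account's files on the box.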

By Aliaksandr Samuseu staff 24 Feb 2018 at 7:23 p.m. CST

Hi, Andrei.

> Could gluu also be used as something akin to freeipa ?

I'm not familiar with this solution. Please provide a list of features you expect it to support, and I'll try to suggest some options, if any.

> is there any plan for something like this (actually making it a full identity management system

As far as I know, it's not planned at the moment. Gluu gravitates toward the niche of Access Management, not Identity Management. Its current identity management capabilities are sort of rudimentary and suitable mostly for small projects.

> I would have also liked to use it's openldap as authentication source for the actual linux running on the box as well as a samba, etc.

Using Gluu's internal LDAP server like this is not what we would call a conventional approach, and by default OpenLDAP listens only on the loopback interface, thus it is inaccessible from outside the host. It can be done, of course, but community (free) support can't cover such modifications. You can easily find all the steps you need for this in the corresponding LDAP server's documentation. Also note that for 3.1.2 the default LDAP server is OpenDJ again, not OpenLDAP.

> I was surprised to see though that the rfc2307bis & samba3 schemas (and therefore their defined object classes) are not loaded by default and no support for automatically adding default values for their respective attributes exist in gluu.

We have an article explaining the procedure for adding additional attributes [here](https://gluu.org/docs/ce/3.1.2/admin-guide/attribute/#opendj). Some attributes which are already added to the schema and registered (metadata for them exists in the LDAP tree, thus they can be used in SSO flows; simply adding an attribute to the schema is not enough, and vice versa: it's a 2-step process) are inactive OOTB, and are not displayed until you click the "Show all attributes" button in the web UI.