We are looking at Data Loss Prevention solutions from various vendors, and finding dependencies on AD, especially as regards end-point security (CD/DVD and Thumb drives).

The latest releases of SLES/OES promise Active Directory compliance. What is your sense of the limits, given a completely eDirectory based domain with no AD deployed the Microsoft way, in supplying the need for AD services?

Would we have to at least deploy a single Windows DC (or whatever they are calling this now)?

Or could we emulate AD to the point where these windows-based services would work fine?