What I am suggesting is you port the "Client Authentication program" and the "Astaro Security Agent" to linux(32/64), BSD(32/64) as well as Mac OS X.

Make it possible to add additional domain server in the single sign on configuration or allow availability group in the "Server" configuration so that if the first domain is down authentication will fail over to the second domain

After having to create loads of users on a new system I have a couple of change requests that would (somewhat) ease the task of creating users.

In the dialog for creating new users I would prefer to
1) not have to enter password twice. It will very often be a cut'n'paste anyway, and if you typo it it is easy to fix.

2) Remove the default 0.0.0.0 value for static IPs. Now I have to delete the content there before pasting.

We need the ability to have more than one Auth server.

Would be nice to have more than one for reliability

The Active Directory prefetch currently imports only the primary email address for each user. This creates a problem if the user recieves an email under an alias, the message does not show up in their mail manager (user portal) unless you manually add the alias to the account. Also, the Prefetch currently overwrites all user accounts so if you manually add an address to an account, the additional address is lost with the next AD prefetch.

Add the possibility to use SSO authentication with Apple Open Directory and not just Active Directory for Web filtering authentication.

is it possible to config "Prefetch directory users" at System Startup?

If not, this feature would be great !

Be able to use eDirectory and Active Directory groups inside the remote access and inside the packetfilter ruleset. This requires the AUA process to add the authenticated ip address of a user to the matching groups he is part of. Customers can use remote authentication and remote group management in every area of the product. This way the config of the ASG must not be modified if a new user gets added to the eDir or AD and therefore reduced the configuration overhead.

Instead of forcing people to authenticate to create the account through relay. Allow users to be automatically created when logging into to the user portal. That way instead of assigning each user to the user portal you can assign a group (backend auth users).

So that we can more easily deploy the AAA, please make it available as an MSI file (in addition to the already-possible .exe format).

This will allow admins to roll-out in mass operations to many stations and make it easy to get running with the AAA.