1. Does DACS support Novell Directory Tree authentication "out of the box"?
1.1 If not, can it support Novell Directory Tree authentication?
1.1.1 In general terms, what would be involved?
1. I have no direct experience authenticating against a Novell directory, so I don't know.
Perhaps someone who has tried it can comment.
If the directory offers an LDAP interface and
provided you require a username/password to bind to the directory, I'd guess that local_ldap_authenticate would work for Novell just as it works for Microsoft ADS. After building DACS, it shouldn't take much time for you to find out. See dacs_authenticate(8).
To answer 1.1 and 1.1.1, I'd need to know more specifically what form(s) of authentication you require. Username/password? X.509 certificates? smart cards? And which specific product are you using? eDirectory?
In the simplest case, you're talking about a situation only slightly different from that of ADS, so I wouldn't expect much needs to be done - we could probably offer some help.
In theory, DACS ought to be able to support just about any style of authentication. Support for PAM-based authentication is pending some demand for it, but if there is a PAM module for your directory service then that might eventually offer another approach.