LDAP and passwords

William Muriithi william.muriithi-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Jul 31 17:14:10 UTC 2009


>
>
> I can do this with kerberos? It had been my intention to learn more
> about kerberos, figuring I would need to implement it at some point.
> This may mean I dig into it sooner rather than later.
>

Sure, however as Christopher has said, before going that way, make a list of
all the applications  you are using and see if most of them are capable of
speaking kerberos  natively or have a pam module to assist.

If a lot of the application are not capable, forget it. If most of your
applications are ready, then looks at what is involved to run kerberos
service. Do  you still think you stomach it?

Anyway, you have a decision to make here, all I can say is, should you
implement kerberos, have it running on a couple of servers for redundancy. A
single kerbero server can take your whole network down should it be
unavailable

>
> cheers,
> darryl
> --
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>

William
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/legacy/attachments/20090731/0041bbc7/attachment.html>


More information about the Legacy mailing list