Designing mid-sized site

Lukas Kubin kubin at opf.slu.cz
Wed Jun 11 12:11:21 EDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We are in the process of converting our university network from Novell
Netware to Kerberos/OpenAFS/OpenLDAP. The network counts about 7000 users.
There are 2 geographic locations (schools), both have their own server
centers. There is a quite fast connection between those 2 nodes.

Since this is the first time for most of us to design such a network using
Kerberos, we would like to get some advice here.

1. How many realms should we create? Is UNIV.ORG enough or shall we create
one for each school or department? Say, UNIV.ORG and SCHOOL1.UNIV.ORG and
SCHOOL2.UNIV.ORG.

2. How should we create user accounts to distinguish students, employees
for each school, similarly to the Novell's "context" concept? At the same
time we need everybody to be able to log-in in any computer throughout the
university network without much effort.

Thank you.

lukas

- -- 
Lukas Kubin

phone: +420596398285
email: kubin at opf.slu.cz

Information centre
The School of Business Administration in Karvina
Silesian University in Opava
Czech Republic
http://www.opf.slu.cz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Made with pgp4pine 1.75-6

iD8DBQE+51SuhukdIiZrwu4RAoYoAJ9qxOh7C9Tw3fxpUz3ZbPpULoB9UgCghXzc
aCx98hoJz4SQ0IBD+2M23oY=
=PSRn
-----END PGP SIGNATURE-----





More information about the Kerberos mailing list