Designing mid-sized site
Shishir Nagaraj
nshishir at novell.com
Tue Jun 17 09:20:38 EDT 2003
You don't need to move away from Novell Netware if what you want is
kerberos authentication of eDirectory/LDAP users, against a netware box.
There are ways of managing LDAP/eDirectory names and kerberos principals
in a truly integrated manner, to deliver a "single point of administration".
Karl Naegle(knaegle at novell.com) could give you more information on the
specifics.
Thank you.
Shishir.
>>>>Lukas Kubin <kubin at opf.slu.cz> 6/11/2003 9:41:21 PM >>>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> We are in the process of converting our university network from Novell
> Netware to Kerberos/OpenAFS/OpenLDAP. The network counts about 7000
> users.
> There are 2 geographic locations (schools), both have their own server
> centers. There is a quite fast connection between those 2 nodes.
>
> Since this is the first time for most of us to design such a network
> using
> Kerberos, we would like to get some advice here.
>
> 1. How many realms should we create? Is UNIV.ORG enough or shall we
> create
> one for each school or department? Say, UNIV.ORG and SCHOOL1.UNIV.ORG
> and
> SCHOOL2.UNIV.ORG.
>
> 2. How should we create user accounts to distinguish students,
> employees
> for each school, similarly to the Novell's "context" concept? At the
> same
> time we need everybody to be able to log-in in any computer throughout
> the
> university network without much effort.
>
> Thank you.
>
> lukas
>
> - --
> Lukas Kubin
>
> phone: +420596398285
> email: kubin at opf.slu.cz
>
> Information centre
> The School of Business Administration in Karvina
> Silesian University in Opava
> Czech Republic
> http://www.opf.slu.cz
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> Comment: Made with pgp4pine 1.75-6
>
> iD8DBQE+51SuhukdIiZrwu4RAoYoAJ9qxOh7C9Tw3fxpUz3ZbPpULoB9UgCghXzc
> aCx98hoJz4SQ0IBD+2M23oY=
> =PSRn
> -----END PGP SIGNATURE-----
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list