kadmin security requirements
Brian Minard
bminard at flatfoot.ca
Sun May 4 10:34:07 EDT 2003
Hello,
I'm curious about an answer in the FAQ which discusess the
administration server. The answer to question 1.14, says
(in part):
In most Kerberos implementations there is also an administration
server which allows remote manipulation of the Kerberos database.
This administration server usually runs on the KDC.
I'm unclear on a couple of issues arising from these statements.
(a) are the security requirements for the administration server
the same as those for the KDC?
(b) what is considered the best practice for these servers--should
they reside on the same machine, different machines, or should the
administration server be turned off?
Thanks,
Brian
--
Brian Minard
bminard at flatfoot.ca
More information about the Kerberos
mailing list