Windows with MIT krb5 and OpenLDAP
Jeffrey Altman
jaltman2 at nyc.rr.com
Sat Apr 10 23:24:20 EDT 2004
Sensei wrote:
>
> AFS, Kerberos and LDAP are currently on the same server... and I'll keep
> it so...
Many folks on this list will consider running any services on the same
machine as the Kerberos KDC to be a security weakness. You increase the
attack surface of the machine when you do so. If the KDC database is
compromised you have lost everything. Is it really worth the risk?
More information about the Kerberos
mailing list