Windows with MIT krb5 and OpenLDAP
Sensei
noone at nowhere.org
Sun Apr 11 06:27:51 EDT 2004
Jeffrey Altman wrote:
> Many folks on this list will consider running any services on the same
> machine as the Kerberos KDC to be a security weakness. You increase the
> attack surface of the machine when you do so. If the KDC database is
> compromised you have lost everything. Is it really worth the risk?
No, not now that I know samba does not work with k5/ldap. The only way
is to have a trusted AD server... sigh!!!
Anyone knows how to make setup and user management easier? I mean, on
the afs server I will use some scripts to make easier my life... so I
will have to create users on the AD if I'm right.
Any useful link? AFS is mandatory...
--
Sensei <mailto:senseiwa at tin.it>
<icqnum:241572242>
<msn-id:Sensei_Sen at hotmail.com>
A)bort, R)etry, I)nfluence with large hammer.
More information about the Kerberos
mailing list