Importing data?
Douglas E. Engert
deengert at anl.gov
Thu Jan 12 18:18:56 EST 2006
>
> On Thursday, January 12, 2006 01:42:54 PM +0100 Bjorn Tore Sund
> <bjornts at mi.uib.no> wrote:
>
>
>>University of Bergen is setting up a unix/linux Kerberos realm to handle
>>logons on our unix/linux clients and servers (about 1500). Our problem
>>is that all 30.000 users needs principals on the KDC,
Why duplicate the user?
You could do cross realm between the AD realm and the Kerberos realm.
so you only need the hosts principals registered in the MIT based kerberos
realm. Let the users stay in AD. This is what we have done for years.
Another approach is to add the unix host principals to AD, so you
don't have to setup any new realms. We are starting to migrate the
host principlas to AD.
>>and we'd rather
>>not have to run all of them through having to type their password
>>somewhere.
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list