Heimdal KDC, Windows XP and local users

Victor Sudakov vas at mpeks.no-spam-here.tomsk.su
Fri Jan 11 08:03:27 EST 2008


Javier Palacios wrote:
> > > And it is extremely easy to tweak the scap code to just create the
> > > user account instead of looking up LDAP to check that user actually
> > > exists.
> >
> > Perhaps it is easy, but anyway it would mean installing third party
> > software to Windows workstations, which I was trying to avoid.

> And you really hope that Microsoft wil support non-microsoft KDC out
> of the box?

They already support it. The only issue is local user/profile creation.

BTW what about Unix? Is there a way to automatically create a local
user if a Kerberos principal successfully authenticates on the box?
Oh well, it is not very useful after all, who in the world needs a
Unix user with the same name and different uid on each box...

> Even the ksetup.exe is not on the base bundle but in support toos.

This seems reasonable. There are a lot of useful utilities in support
tools, however those utilities are not meant for an average user.

-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/



More information about the Kerberos mailing list