Heimdal KDC, Windows XP and local users
Volkmar Glauche
volkmar.glauche at uniklinik-freiburg.de
Mon Jan 14 06:06:06 EST 2008
Am Freitag, den 11.01.2008, 17:29 +0000 schrieb Victor Sudakov:
> Javier Palacios wrote:
> > > BTW what about Unix? Is there a way to automatically create a local
> > > user if a Kerberos principal successfully authenticates on the box?
> > > Oh well, it is not very useful after all, who in the world needs a
> > > Unix user with the same name and different uid on each box...
>
> > You know about NIS, so you know that you may have he same uid in
> > different boxes.
>
> Sure. But this again means the toil of maintaining two databases: the
> NIS map and the KDC database.
I think you will need two databases: one for kerberos credentials and
another one for account information. Kerberos does not tell you about a
user's home directory or shell...
> > And youger people who never heard about NIS do know
> > about nss-ldap.
>
> And again, why would we want two databases: LDAP and Kerberos?
>
> > And pam_mkhomedir cares about "local profile" creation.
>
> Oh yes, I use it on NIS clients.
> It is much better for my purposes than NFS-mounted homes.
>
--
Volkmar Glauche
Freiburg Brain Imaging
http://fbi.uniklinik-freiburg.de/
Phone +49(0)761 270-5331
Fax +49(0)761 270-5416
More information about the Kerberos
mailing list