help with kerberised NFS for a nis netgroup alternative
TheWizard
nitzanz at gmail.com
Wed Jan 23 06:12:10 EST 2008
Hello,
I'm working on an prototype to replace our NIS based auth' to kerberised
services.
I've menage to setup NFS4 with kerberos using gss/krb5 security in exports
and all well.
we have various host groups (using nis netgroups) that should connect to
various exports,
if we change them to gss/krb5 we loose the netgroup differentiation.
I've though of using multiple realms (with a single KDC) and the various
exports will be handled by the client machine's realms, if more then one
"group" is needed we can inter-realm authenticate.
has anyone heard of such kerberos "alternative" for netgroup NFS approach?
is it feasible?
how does kadmin handle multiple realm?
any help would be most appreciate.
--
View this message in context: http://www.nabble.com/help-with-kerberised-NFS-for-a-nis-netgroup-alternative-tp15039386p15039386.html
Sent from the Kerberos - General mailing list archive at Nabble.com.
More information about the Kerberos
mailing list