trouble deciding which kerberos flavor
Christopher D. Clausen
cclausen at acm.org
Mon Oct 25 17:51:45 EDT 2010
Ken Dreyer <ktdreyer at ktdreyer.com> wrote:
> On Thu, Oct 21, 2010 at 1:10 PM, eric <krb.help at hopevaleufsd.org> wrote:
>> I just want to know any differences that MIT and Heimdal have with each
>> other:
>
> I think someone at the 2010 Kerberos Conference summarized it this way:
>
> MIT is likely to be what your OS vendor ships. Heimdal has more features.
I'd say that depends on the features you want.
Unless my information is out of date, MIT KDCs support policies where you
can setup groups of principals with different security requirements (like
say, students, faculty, staff, hosts, services, etc.) and then customize
password length, strength, expiration and other settings for each of these
groups. In Heimdal this needs to be set on each principal which makes it
really annoying to change after initial account creation.
<<CDC
More information about the Kerberos
mailing list