Does a user HAVE to have an account?
klmitch at MIT.EDU
Fri Mar 8 15:50:00 EST 2002
> Must a user have an account on a workstation in order for them to be
> able to login to that workstation, if it is told to authenticate with
> kerberos as the primary mechanism?
> I'm just curious, I've never 100% successfully setup kerberos, but never
> had the time either. Now I've got the time, and I've got a test-bed
> setup for this. Then I wondered about this question.
Kerberos only provides authentication; it doesn't provide any of the
information that a workstation needs to determine whether the user is
authorized to log into that workstation, where their home directory
is, what their user ID is, etc. MIT uses a DNS-based system called
hesiod for distribution of that information; other sites use various
systems including variants of NIS and LDAP.
Kevin L. Mitchell <klmitch at mit.edu>
More information about the krbdev