[19402] in Kerberos
Designing mid-sized site
daemon@ATHENA.MIT.EDU (Lukas Kubin)
Wed Jun 11 12:12:21 2003
Date: Wed, 11 Jun 2003 18:11:21 +0200 (CEST)
From: Lukas Kubin <kubin@opf.slu.cz>
To: Kerberos@mit.edu
Message-ID: <Pine.LNX.4.44.0306111746490.13591-100000@x.opf.slu.cz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: kerberos-bounces@mit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We are in the process of converting our university network from Novell
Netware to Kerberos/OpenAFS/OpenLDAP. The network counts about 7000 users.
There are 2 geographic locations (schools), both have their own server
centers. There is a quite fast connection between those 2 nodes.
Since this is the first time for most of us to design such a network using
Kerberos, we would like to get some advice here.
1. How many realms should we create? Is UNIV.ORG enough or shall we create
one for each school or department? Say, UNIV.ORG and SCHOOL1.UNIV.ORG and
SCHOOL2.UNIV.ORG.
2. How should we create user accounts to distinguish students, employees
for each school, similarly to the Novell's "context" concept? At the same
time we need everybody to be able to log-in in any computer throughout the
university network without much effort.
Thank you.
lukas
- --
Lukas Kubin
phone: +420596398285
email: kubin@opf.slu.cz
Information centre
The School of Business Administration in Karvina
Silesian University in Opava
Czech Republic
http://www.opf.slu.cz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Made with pgp4pine 1.75-6
iD8DBQE+51SuhukdIiZrwu4RAoYoAJ9qxOh7C9Tw3fxpUz3ZbPpULoB9UgCghXzc
aCx98hoJz4SQ0IBD+2M23oY=
=PSRn
-----END PGP SIGNATURE-----
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
