[6168] in Kerberos
Kerberos as alternative to NIS/Yellow Pages
daemon@ATHENA.MIT.EDU (Peter Miles)
Wed Nov 8 06:08:28 1995
To: kerberos@MIT.EDU
Date: 8 Nov 1995 09:50:26 -0000
From: pmiles@tdc.dircon.co.uk (Peter Miles)
Hi,
Is anyone out there using Kerberos as an alternative to NIS/Yellow Pages
(i.e. for centralised password management).
I've be interested in hearing comments and experiences.
One of my main concerns is that I understand that Kerberos uses it's own
way on encypting passwords on the server. This may be a problem for us,
as we have 10,000+ users with UNIX crypt()-based passwords, and we are
not able to reissue them with new passwords. Can Kerberos be set to use
standard UNIX password encryption (even at the cost of slightly lower
security)?
Also, do all applications which check the password file have to be modified,
or does Kerberos simply replace things like the getpwent() routines?
I should point out that the centralised password management is more
important to me than users being able to move from system to system without
have to re-enter their password.
Does Kerberos have any equivalent to the "Netgroups" feature of NIS?
Pointers to Kerberos documentation (aimed at a system manager rather than
a programmer) would also be useful.
Thanks for any responses.
-- Pete
--
Pete Miles pmiles@dircon.co.uk
...pipex!dircon!pmiles
