[818] in Kerberos
Re: Do we really want Kerberos?
daemon@ATHENA.MIT.EDU (David Collier-Brown)
Sat Dec 9 05:24:54 1989
From: cs.utexas.edu!jarvis.csri.toronto.edu!helios.physics.utoronto.ca!ists!yunexus!davecb@RUTGERS.EDU (David Collier-Brown)
To: kerberos@ATHENA.MIT.EDU
lauer@BTC.KODAK.COM (Hugh C. Lauer) writes:
>Managing the authentication of the users across sites is a horrendous
>undertaking -- even managing the recognition of users' names at the
>different sites is difficult. I really would like the local site
>administrators to manage their own users, but I want the users to be
>recognizable at our other sites.
Well, you've described a problem set that daemons like Hesiod (sp?) and
Kerberos are part of the solution to. As you might guess, they're necessary
but not sufficent...
In the case you describe, you will need to at least simulate a distributed
directory of users (ie, you can have N independant and update them every
so often) and one or more Kerberoi, all agreeing to cooperate. The latter
should be a good configuration to ask this group about...
--dave
--
David Collier-Brown, | davecb@yunexus, ...!yunexus!davecb or
72 Abitibi Ave., | {toronto area...}lethe!dave
Willowdale, Ontario, | Joyce C-B:
CANADA. 416-223-8968 | He's so smart he's dumb.
