|
Yep, I agree. 'tis why I included their myth's link.
=)
We (and when I say we I mean our UNIX folks, not me) have
been working on kerberos integration with AD for a couple of years now. Massive
issues with cross realm (cross domain) and service location and some small
issues with keytab generation. Also now with Windows 2003, HPUX can't use the
keytabs because they use the weakest form of encryption I guess which MS
disabled in K3.
Its all fun.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Welborn Sent: Sunday, May 02, 2004 8:34 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Kerberos Info Joe……If you are interested in true *nix integration with Active Directory, check out a company named Vintela. They have a great solution but you will pay for it.
Mike W.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe
In line with an earlier post where I said that LDAP isn't for authentication, kerberos is. Here are some kerberos links for folks. The last one is from a vendor who sells a product to help but it interesting reading due to them pointing out some of the shortcomings of some of the *nix solutions to integrate into the Windows world. Good things to know BEFORE you dive into trying to do it.
joe |
- [ActiveDir] Kerberos Info joe
- RE: [ActiveDir] Kerberos Info Mike Welborn
- Re: [ActiveDir] Kerberos Info Brent Westmoreland
- joe
