|
I may sounds like an idiot, but you guys
are always talking about tracing stuff on the network to see if it is in plain
text, and I have no clue how to do it. This is something I would really like to
know how to do (as I think it would really help me understand some things….along
with lessen the load of me asking these questions to you guysJ). I have tried using
ethereal to do this, but either it doesn’t do it, or I just don’t know
how to use the thing (which I am about 99% positive is the problem). Do any of you have the quick and dirty
steps to do this? Or a link to a good tutorial (which I can’t seem to
find)? As far as REQs Al……. 1. FREE 2.
Add little complexity Looks like I will either just use SFU, or
keep the user repositories separate. I was just hoping that something free had
come along since the last time that I looked that was worth doing. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick The directions you reference on the sunone
site make it look to me like it's an LDAP bind. Best way to know for sure
would be to trace it on the network to see what is passed. If ldap bind,
be sure to use some sort of encryption such as SSL. I'm curious what the requirement here
is? If just to allow solaris to authenticate via kerb with AD and allow
AD users to login to solaris workstations, have you considered a product such
as Centrify? www.centrify.com Far cry better and easier to implement. I'm interested in hearing what the
requirements are though. The docs you referenced indicate a configuration that
would be a PITA to manage in terms of reliability and effort IMHO. Al From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman I know someone doing auth from Solaris 9
and 10 against AD via Kerberos in production. I don’t know how they are
populating /etc/passwd but can find out. I’ve never used NIS against AD so
couldn’t say what’s going on here. ~Eric From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas M. Long Anyone know if this is passed in plain text? If so, i dont see any
advantage to this versus the NIS server in SFU. Seems that the *nix community
is making no progress in the secure authentication arena if this is the case.
Any ideas or thoughts? |
Title: RE: [ActiveDir] Ocra
- [ActiveDir] Solaris authentication Douglas M. Long
- RE: [ActiveDir] Solaris authentica... joe
- RE: [ActiveDir] Solaris authentica... Eric Fleischman
- RE: [ActiveDir] Solaris authentica... Al Mulnick
- RE: [ActiveDir] Solaris authentica... Olegario, Alan
- RE: [ActiveDir] Solaris authentica... Bahta Nathaniel V Contr NASIC/SCNA
- Re: [ActiveDir] Solaris authentica... Douglas M. Long
- Re: [ActiveDir] Solaris authen... Peter Jessop
- RE: [ActiveDir] Solaris authentica... Al Mulnick
- RE: [ActiveDir] Solaris authentica... Douglas M. Long
- RE: [ActiveDir] Solaris authentica... Douglas M. Long
- RE: [ActiveDir] Solaris authen... joe
- Re: [ActiveDir] Solaris au... Phil Renouf
