In article <[EMAIL PROTECTED]>, Amir Saad <[EMAIL PROTECTED]> wrote:
>I use MIT Kerberos 5 & OpenLDAP to manage my network users. I can login >successfully to all machines using my Kerberos principal. I need to >create a limited account that is able to access only a few >hosts/services not all machines/services. How can I do this? You use whatever access-control mechanisms are provided by those services. Kerberos is an authentication protocol, not an authorization service. -GAWollman -- Garrett A. Wollman | The real tragedy of human existence is not that we are [EMAIL PROTECTED]| nasty by nature, but that a cruel structural asymmetry Opinions not those | grants to rare events of meanness such power to shape of MIT or CSAIL. | our history. - S.J. Gould, Ten Thousand Acts of Kindness ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
