Am Freitag, den 11.01.2008, 17:29 +0000 schrieb Victor Sudakov: > Javier Palacios wrote: > > > BTW what about Unix? Is there a way to automatically create a local > > > user if a Kerberos principal successfully authenticates on the box? > > > Oh well, it is not very useful after all, who in the world needs a > > > Unix user with the same name and different uid on each box... > > > You know about NIS, so you know that you may have he same uid in > > different boxes. > > Sure. But this again means the toil of maintaining two databases: the > NIS map and the KDC database.
I think you will need two databases: one for kerberos credentials and another one for account information. Kerberos does not tell you about a user's home directory or shell... > > And youger people who never heard about NIS do know > > about nss-ldap. > > And again, why would we want two databases: LDAP and Kerberos? > > > And pam_mkhomedir cares about "local profile" creation. > > Oh yes, I use it on NIS clients. > It is much better for my purposes than NFS-mounted homes. > -- Volkmar Glauche Freiburg Brain Imaging http://fbi.uniklinik-freiburg.de/ Phone +49(0)761 270-5331 Fax +49(0)761 270-5416 ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
