Thanks! Witj best regards Vitaly Chernookiy > > >I wont have single database in my local network for account information: for > >system account and for afs account. > > > >In google I found out three ideas: > >1)Using ldap as backend for kerberos. system use data directly from ldap and > >afs use same data from kerberos > > There is an LDAP backend for Heimdal, some information is at: > > http://www.padl.com/Research/Heimdal.html > > >2)using kerberos as backend for ldap. afs try to directly use kerberos, > >others(system) use same data from ldap > > I don't quite know what you mean here, but it is possible to use Kerberos > to authenticate to an LDAP directory (using GSS-API and SASL). This is > complementary to 1) above. > > >I have no idea what is more usable, simple and what I may/must/have to use > > Don't forget that Kerberos is an authentication service, not an authorization > service. AFS uses its Protection Server for maintaining authorization > information, which typically keeps its own database. > > -- Luke > > -- > _______________________________________________ > OpenAFS-devel mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-devel ________________________________________________________________ GET INTERNET ACCESS FROM BCS! http://www.bcs.zp.ua Join BCS today! For your FREE webmail, visit: http://email.zp.ua/
_______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
