> We own and run both the MIT KDCs and the AD infrastructure so that > won't be a problem,
You're making the bold assumption that there are no fatal flaws in either. Now I might trust either one in isolation (as there is relatively little else you can do...) but I would seriously think twice about granting access to the native Kerberos services based on AD even if you're nominally in control of both. -- Atro Tossavainen (Mr.) / The Institute of Biotechnology at Systems Analyst, Techno-Amish & / the University of Helsinki, Finland, +358-9-19158939 UNIX Dinosaur / employs me, but my opinions are my own. < URL : http : / / www . helsinki . fi / %7E atossava / > NO FILE ATTACHMENTS _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
