> We are using mainly Linux 2.6.x with HP-UX 11.x and some Windows > boxes thrown into mix.
I dare to say that OpenAFS will work with all of the different KDCs. Which one you favour the most is probably a matter of taste. My taste is Heimdal. If you are familiar with setting up a Heimdal KDC on FreeBSD keep on doing so. One imporant thing with security related software is that you want to be familiar to avoid misstakes which might be fatal (security wise). > No Windows AD/KDC planned, but Windows clients > integration with standard KDC and possibly OpenAFS will be important. Good luck with not needing an AD, but I think both Heimdal and MIT can be cross realmed with an AD when you need it. Just keep the realm/domain names of the "Unix KDC" and the "Windows KDC (AD)" different. There are organizations which used the same realm name and had to suffer for it. It is good if you can synchronize usernames from the start. There are some tips how to cross realm with Windows in the Heimdal documentation. Harald. _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
