Hi, I'm in the early stages of a project to deploy a unix-only kerberos realm that will serve around 1000 unix servers. It's an MIT kerberos realm with the KDCs on SuSE Linux.
Does anyone have any experience doing something like this? I'm trying to nail down some of the finer details of the design, for example: a. whether to use the traditional database backend or the ldap backend, and the replication implications of this decision. b. how to ensure users dont have problems with confusion between local credentials and kerberos credentials c. methods for allowing admins to log into servers for kerberos triage d. use of specific encryption types if I want to consider a trust with an AD realm some time down the road Any insight or advice is welcome. ~Paul _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
