MS2LINUX - Authentication basics
der.hans
plug-discuss@lists.plug.phoenix.az.us
Tue, 8 Oct 2002 21:22:15 -0700 (MST)
Am 08. Oct, 2002 schwätzte Scott H so:
> >From: Bill Warner <wwarner@direct-alliance.com>:
> >I have been looking into this as well. NIS
> works >in a way that you can basically store half
> your >passwd/shadow/group files on one central
> server.
>
> Half? What do you mean "half"? I don't
> understand that.
I presume he means userland stuff on the server and system stuff locally.
root, bin, etc. need to stay on the local box.
> >Sort of an NFS for single files.
>
> Please explain this a bit, too? I know what NFS
> is, but I don't understand how you mean this.
With NIS you're importing the files from the server. It's closer to DNS zone
transfers than NFS.
> >I am still looking into LDAP as an option. The
> >only thing that I don't like about the Linux
> >authentication options is the fact that unlike
> >windows it typical applications don't maintain
> >the authentication, ... every time you start
> >a web browser you have to re-authenticate with
> >any servers there. It makes for a difficult use
> >experience for the non techies.
> >Bill W
>
> Is this true for both NIS and LDAP? Anyone know
> a way around this? (Other than configuring
> various client software to store passwords?) I
> want my clients to be able to access shared
> folders, pass through the proxy server, attach to
> email, etc - ideally just logging on once to the
> network.
Kerberos is the main mechanism for that. Talk to Paul Thu and he'll help you
pronounce it properly :).
Anyone out there want to give a presentation ( or two ) on kerberos or LDAP?
ciao,
der.hans
--
# https://www.LuftHans.com/ http://www.TOLISGroup.com/
# It's up to the reader to make the book interesting.
# An author has only the opportunity to make it uninteresting. - der.hans