[svlug] Need help with an argument.

James Sparenberg james at linuxrebel.org
Fri Feb 13 19:14:07 PST 2009

Previous message: [svlug] Need help with an argument.
Next message: [svlug] Need help with an argument.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Friday 13 February 2009 18:36:41 Luke S Crawford wrote:
> James Sparenberg <james at linuxrebel.org> writes:
> > My thoughts on this would be if one uses Kerberos I might as well go 
> > with Samba and authenticate to the AD. 
> 
> If you trust the people running your AD, you can do that.   I haven't 
done
> it, but I believe the current LDAP pam modules support authenticating 
from
> active directory.   It would certainly be better than YP from a 
security
> perspective.   
> 
> > Not to mention the problem of 
> > disconnected data centers.  (Earthquake in CA so corp is down and 
Data 
> > Centers need to float on their own.)
> 
> you would, of course, need to put a secondary kerberos server in every 
> data center.  
> 
> You would have this same problem with YP/Nis, AD, and every other 
centralized
> authentication system.   
> 

Which is why up to now I just used my script.  with less than 100 
systems it takes about 5 minutes to type in and change a users pasword, 
add a user or delete one. (including home, mailq, and group) granted it 
doesn't scale to ISP level but it does work.

James

Previous message: [svlug] Need help with an argument.
Next message: [svlug] Need help with an argument.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list