SUMMARY: info on kerberos/pam/ldap/nis

From: Sebastian Benoit (benoit@mathematik.uni-marburg.de)
Date: Thu Aug 13 1998 - 03:25:39 CDT


The question was:

> Is anyone using kerberos (with Solaris 2.6) ?
> I would appreciate any pointers to documentation.

I only got one reply pointing me to information, others told me they
were investigating similar things (the question was a little vague and
integrating NT accounts with unix-accounts seems to be a difficult
subject:-)

LDAP:
http://www.umich.edu/~dirsvcs/ldap/

LDAP, kerberos and NIS integration:
http://obsidian.xedoc.com.au/~lukeh/ldap/
http://obsidian.xedoc.com.au/~lukeh/ldap/#nt

and
ftp://ftp.nic.de/pub/doc/rfc/rfc-2300-2399/rfc2307.txt
(RFC 2307 Using LDAP as a Network Information Service, March 1998)

NIS+:
http://www.eng.auburn.edu/users/rayh/solaris/NIS%2b_FAQ.html
http://beta.ece.ucsb.edu/~wesc/nis+faq.html

Thanks go to Walter Steiner:

kerberos V:
http://web.mit.edu/kerberos/www/
http://www.lns.cornell.edu/public/COMP/krb5/
 (same as krb5-1.0.5.doc.tar.gzfrom Kerberos-Distribution)

kerberos V and pam:
ftp://ftp.dementia.org/pub/pam/pam_krb5.1.1.3.tar.gz
This seems to be a pam-module for Solaris 2.6 that can be used in
pam.conf:

login auth sufficient /usr/lib/security/pam_krb5.so.1
login auth required /usr/lib/security/pam_unix.so.1

kerberos IV and secure rpc in Solaris:
http://docs.sun.com/
search for secure rpc.
kerberos IV works with an kerberos V server (compile with
kerb IV support)

Windows NT:
Kerberos V support is planned for Windows NT.
In an Microsoft White Paper, it is said that Kerberos replaces Lan Manager
as Security Protokol in NT5. The implementation will be based on RFC1510.
I dont know if that means that an easy integration with Kerberos on UNIX
will be possible.
http://premium.microsoft.com/msdn/library/conf/pdc97/distributed_security_services.htm
(That Kerberos is from MIT is mentioned only once :-)

Sebastian Benoit

--------------------------------
Sebastian Benoit
benoit@mathematik.uni-marburg.de



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:46 CDT