From owner-freebsd-isp@FreeBSD.ORG  Sun Oct 16 05:04:10 2005
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
X-Original-To: freebsd-isp@freebsd.org
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4833B16A41F
	for <freebsd-isp@freebsd.org>; Sun, 16 Oct 2005 05:04:10 +0000 (GMT)
	(envelope-from lists@natserv.com)
Received: from zoraida.natserv.net (p65-147.acedsl.com [66.114.65.147])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EBBF643D46
	for <freebsd-isp@freebsd.org>; Sun, 16 Oct 2005 05:04:09 +0000 (GMT)
	(envelope-from lists@natserv.com)
Received: from localhost (localhost.natserv.net [127.0.0.1])
	by zoraida.natserv.net (Postfix) with ESMTP id 0A0FF7DA2;
	Sun, 16 Oct 2005 01:04:09 -0400 (EDT)
Date: Sun, 16 Oct 2005 01:04:08 -0400 (EDT)
From: Francisco Reyes <lists@natserv.com>
X-X-Sender: fran@zoraida.natserv.net
To: Aaron Glenn <aaron.glenn@gmail.com>
In-Reply-To: <18f601940510151547ka3573f8v2f0633010ad2874f@mail.gmail.com>
Message-ID: <20051016010251.R90770@zoraida.natserv.net>
References: <20051012234337.K63956@zoraida.natserv.net> 
	<57416b300510142221r2c3da329o65d54cb0aa04fc73@mail.gmail.com> 
	<20051015133148.P97899@zoraida.natserv.net>
	<18f601940510151547ka3573f8v2f0633010ad2874f@mail.gmail.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: FreeBSD ISP list <freebsd-isp@freebsd.org>
Subject: Re: Distributed authentication. Which one?
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Oct 2005 05:04:10 -0000

On Sat, 15 Oct 2005, Aaron Glenn wrote:

> Exactly. The problem I've always had is, what happens when you can
> reach the device, but the device can't reach any KDC (for whatever
> reason)? How can one fall back on another authentication method while
> maintaining consistant login credentials? Food for thought...

I am totally new at distributed authentication, but would think that at 
least the adminstrator(s), would want to have their id(s) in the local 
password database.

> I would say LDAP, but then I've never used NIS.

The general comment I am seeing in archives is that it is not commonly 
used anymore.