From owner-freebsd-security Tue Apr 9 7:57:17 2002 Delivered-To: freebsd-security@freebsd.org Received: from caligula.anu.edu.au (caligula.anu.edu.au [150.203.224.42]) by hub.freebsd.org (Postfix) with ESMTP id 43D2E37B416; Tue, 9 Apr 2002 07:57:12 -0700 (PDT) Received: (from avalon@localhost) by caligula.anu.edu.au (8.9.3/8.9.3) id AAA10164; Wed, 10 Apr 2002 00:57:10 +1000 (EST) From: Darren Reed Message-Id: <200204091457.AAA10164@caligula.anu.edu.au> Subject: Re: Centralized authentication To: nectar@FreeBSD.ORG (Jacques A. Vidrine) Date: Wed, 10 Apr 2002 00:57:10 +1000 (Australia/ACT) Cc: benjamin@macguire.net (Benjamin Krueger), klik@unstable.org (klik), rand@meridian-enviro.com (Douglas K. Rand), freebsd-security@FreeBSD.ORG In-Reply-To: <20020409144158.GX19961@madman.nectar.cc> from "Jacques A. Vidrine" at Apr 09, 2002 09:41:58 AM X-Mailer: ELM [version 2.5 PL1] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In some mail from Jacques A. Vidrine, sie said: > > Yes, Kerberos does `blow away' many authentication systems. However, > the poster's subject --- ``Centralized authentication'' --- doesn't > really describe what he needs. In addition to authentication, he > needs authorization and directory services, which Kerberos does not > provide. i.e. there is no Kerberos mechanism with which to distribute > the contents of /etc/passwd and /etc/group. You can use NIS for this or when someone gets around to writing an LDAP extension for nsswitch.conf, you could use that. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message