[28992] in Kerberos
Re: Password Syncing to Kerberos using SFU's ssod
daemon@ATHENA.MIT.EDU (Christopher D. Clausen)
Wed Jan 9 12:32:57 2008
Message-ID: <BBBCB8BAE9BB4EDDA876BA02DC29E96B@CDCHOME>
From: "Christopher D. Clausen" <cclausen@acm.org>
To: <kerberos@mit.edu>
Date: Wed, 9 Jan 2008 11:30:12 -0600
Cc: colin.simpson@iongeo.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
I'm guessing using a single Kerberos KDC on Windows is going to be more
stable than some password syncronization process that neither vendor
fully supports.
<<CDC
Colin Simpson <Colin.Simpson@iongeo.com> wrote:
> My only reason is we don't really trust window stability and try to
> resist MS creeping onto our servers :-)
>
> Colin
>
> On Wed, 2008-01-09 at 17:13 +0000, Christopher D. Clausen wrote:
>> Colin Simpson <Colin.Simpson@iongeo.com> wrote:
>>> I'm looking at finding a new solution to syncing password between AD
>>> and
>>> Kerberos. We had been using CEDAR for this and it's great but the
>>> passwdHK dll on windows hates it if you pass in 8 bit ascii
>>> passsword.
>>
>> AD already is Kerberos. Why don't you just use your Active Directory
>> controllers as the Kerberos KDCs as well?
>>
>> <<CDC
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
