Hi I'm thinking about creating a central managed user and data system here. It should use AFS (OpenAFS) as virtual filesystem and LDAP (OpenLDAP) as User and Comuter info Database. I tried this earlier but it ended in more than one user database (LDAP and AFS (kerberos 4)). I thought of using Kerberos 5 as login and credentials manager because its very secure. I am not sure if it is possible for this three compnents (AFS,LDAP and Kerberos 5) to interact together using LDAP as central infobase. M$ has managed to get that to work with its AD and Login system and DFS wich is all kerberos 5 based.
There are several issues wich need to be thought about: - Is there a need for Kerberos 5? Is LDAP over SSL not equal secure? - Is there a possiblity to trim OpenAFS to LDAP so that it not uses its own userdatabases? - If Kerberos 5 is needed is there a way to trim it to LDAP? The system should be the most secure and the most simple one :)). The more complex a system gets the more points of attac there are. RFC cheers, Raffaele -- Raffaele Sandrini <[EMAIL PROTECTED]> Annoyed about M$ Windows? Don't worry. Try Linux! (www.linux.org) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
