Excellent, Thank You for the response. -- For service related issues, please call 732-553-9100 option 2, option 2 to speak with our TAC engineers. Email is not monitored for service requests. -- Tony Pugielli Manager of Systems Engineers Turn-key Technologies, Inc. (TTI Wireless) 2400 Main St. Ext. Suite 12 Sayreville, NJ 08872 (W) 732-553-9100 ext. 123 (M) 732-320-0711 (F) 732-553-9107 www.turn-keytechnologies.com www.ttiguardian.com
-----Original Message----- From: Russ Allbery [mailto:ea...@eyrie.org] Sent: Monday, October 5, 2015 4:26 PM To: Tony Pugielli <tpugie...@tti-wireless.com> Cc: kerberos@mit.edu Subject: Re: syncing MIT Kerberos to Active Directory Tony Pugielli <tpugie...@tti-wireless.com> writes: > Good day, I have an environment with MIT Kerberos and Active > Directory. Is there a way to keep both databases (username and > password) in sync? The use case is 802.1x authentication. EAP-GTC is > not native to many devices so we want to use Active Directory so we > can take advantage of the more widely native supplicant PEAP-MSCHAPV2. > We would prefer the user only need to keep track of one username and > password. Right now the Kerberos MIT database is widely used for their > single sign-on applications. You may find: http://www.eyrie.org/~eagle/software/krb5-sync useful, although it only does passwords. I believe there is a krb5-adsync package somewhere based on that which also creates accounts. -- Russ Allbery (ea...@eyrie.org) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
