
User Management: LDAP, AFS, Kerberos



Hi

I'm thinking about creating a centrally managed user and data system here. It
should use AFS (OpenAFS) as virtual filesystem and LDAP (OpenLDAP) as user
and computer info database. I tried this earlier but it ended in more than one
user database (LDAP and AFS (Kerberos 4)). I thought of using Kerberos 5 as
login and credentials manager because it's very secure. I am not sure if it is
possible for these three components (AFS, LDAP and Kerberos 5) to interact
together using LDAP as central infobase. M$ has managed to get that to work
with its AD and login system and DFS, which is all Kerberos 5 based.

There are several issues which need to be thought about:
- Is there a need for Kerberos 5? Is LDAP over SSL not equally secure?
- Is there a possibility to trim OpenAFS to LDAP so that it does not use its own
user databases?
- If Kerberos 5 is needed, is there a way to trim it to LDAP?

The system should be the most secure and the most simple one :)). The more
complex a system gets, the more points of attack there are.

RFC

cheers,
Raffaele
-- 
Raffaele Sandrini <rasa@gmx.ch>
Annoyed about M$ Windows? Don't worry. Try Linux! (www.linux.org)


