systematic Kerberization
Panu Matilainen
pmatilai at welho.com
Sun May 16 12:31:56 UTC 2004
On Sat, 15 May 2004, Havoc Pennington wrote:
> On Sat, 2004-05-15 at 13:54, Magnus Runesson wrote:
> > > > Also, it's always possible to select the local computer and log into that,
> > > > rather than into the domain.
> > > >
> > >
> > > So the message I've gotten from others is "Windows solves this problem
> > > and Linux does not" and they were aware of the ability to set up a local
> > > passwd file when complaining.
> >
> > Doesn't PADL's pam-modules ccreds and nss_updatedb help to solve the
> > problem. http://www.padl.com/OSS/pam_ccreds.html
> > Unfoutunately, I havn't got the time to test it by my self yet.
> >
>
> Certainly appears so. Anyone tried this?
I mentioned PADLS new modules earlier in this thread: they basically do
solve the problem BUT it does so by caching ALL of the directory data on
the local harddisk. Not very feasible when you have tens of thousands of
users (and never mind the security implications of carrying whole companys
usernames and passwords around in a laptop..)
- Panu -
More information about the fedora-devel-list
mailing list