Re: Hardening NIS+
From: Darren Moffat (Darren.Moffat@Sun.COM)Date: 08/22/02
- Previous message: Charles Clancy: "Re: Hardening NIS+"
- Maybe in reply to: Small, Jim: "Hardening NIS+"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 Aug 2002 17:17:53 -0700 (PDT) From: Darren Moffat <Darren.Moffat@Sun.COM> To: focus-sun@securityfocus.com, reggers@ist.uwaterloo.ca
>> IMHO, the best combination for ease of administration and security is to
>> use Kerberos with NIS+.
>
>I am curious .... Has anyone configured a Solaris machine to use Kerberos
>authentication against a Microsoft Active Directory?
>
>If I'm so lucky to find someone who has done so... what's required?
Yes this works fine. Just tell the Solaris machine the name/IP of
the Active Directory machine when you are prompted for the name of
the KDC during sysidcfg. If you are doing it post install then update
/etc/krb5/krb5.conf.
This just works. The opposite doesn't work well: ie using a Solaris
(or any MIT derived) KDC to server Windows 2k clients.
-- Darren J Moffat
- Previous message: Charles Clancy: "Re: Hardening NIS+"
- Maybe in reply to: Small, Jim: "Hardening NIS+"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
