Re: Single Password - Linux & Windows

From: Anne & Lynn Wheeler (lynn_at_garlic.com)
Date: 05/31/05


Date: Tue, 31 May 2005 14:24:18 -0600


"Jason Williard" <jwilliard@pcsafe.net> writes:
> I have 5 servers; 3 RedHat and 2 Windows 2003 Server. I would like
> to use a single password for all of these. When thinking about
> this, I had 2 thoughts that came to mind. 1) Setup the 2 Windows
> servers as domain controllers and find a mechanism to connect the
> linux machines to that. 2) Setup 2 of the linux machines with Samba
> to act as domain controllers. Unfortunately, I don't know which is
> the best option, or if either of these is the best.
>
> What is the best way for me to do this? In the end, I would like to
> have the system administrators be able to login to any of the
> servers with a single login. As well, I would like to use the
> password for specific access for employees, such as pop3/imap/smtp
> and a few other integrated services.
>
> Any suggestions or information would be appreciated.

in theory, an underlying m'soft mechanism is kerberos ... so it should
be possible to deploy a kerberos configuration (across both windows
and many other operating systems).

(windows) kerberos interoperability
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prdp_log_tjil.asp

windows kerberos security tutorial
http://www.mcmcse.com/win2k/guides/kerberos.shtml

from my rfc index
http://www.garlic.com/~lynn/rfcietff.htm

select "Term (term->RFC#)" in the "RFCs listed by" section
and scroll down to kerberos:

kerberos
 see also authentication , security
 3962 3961 3244 3129 2942 2712 2623 1964 1510 1411

...

selecting any of the RFC numbers then brings up the summary for that
RFC. in the summery field, selecting the ".txt=nnnn" field retrieves
the actual RFC.

some past kerberos related postings:
http://www.garlic.com/~lynn/subpubkey.html#kerberos

-- 
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/