Peer-to-Peer strong authentication

From: "Rhino 007" <rhino007_us@xxxxxxxxx>
Date: 7 Oct 2006 13:20:32 -0700

Hi,

My questions for the group are:

1) what is the overhead of doing strong authentication between
peer-to-peer processes in an IBM mainframe, and IBM UNIX environment,
5% 10%, 15%? Are there any hardware solutions, that could take over
the load?

2) This is an LDAP environment. An assumption is that LDAP is better,
stronger, more secure than active directory etc. Is there some reason
that Kerberous isn't compatable with LDAP? Does LDAP have it's own
strong authentication element that removes the need for Kerberous?

Is it possible to create a VPN tunnel using LDAP alone, or do you need
SSH or some other tool for this? Can you do single signon with SSH, or
does this cause overhead for each process to process virtual circuit?

I think I know the answers to some of these, but I'm trying to get all
the info I can. Any other ideas on how to reduce the overhead load of
doing strong authentication?

Thanks, Rhino

.

Prev by Date: portknocking question
Next by Date: MS Active Directory Vs LDAP
Previous by thread: portknocking question
Next by thread: MS Active Directory Vs LDAP
Index(es):
- Date
- Thread

Relevant Pages

Re: Directory Services, LDAP or similar
... In other projects, we managed the user authentication by creating tables that define all users and its allowed capacities, then the application queryies that data to verify if a user has access to some feature or not. ... The above ID and password are sent to the service at login time. ... They are using Novell eDirectory at the enterprise level; yes it's LDAP. ... We already do that for three different DB servers; ...
(borland.public.delphi.non-technical)
Re: noob on slapd with sasl errors
... If I may share advice based on my own trials & tribulations with LDAP ... people who need network authentication and the current state of ... context of network authentication, LDAP really is just a protocol used ... I have no idea how sasl works and why it is needed here, or even more, ...
(Ubuntu)
Re: Directory Services, LDAP or similar
... we managed the user authentication by creating tables ... The above ID and password are sent to the service at login ... Novell eDirectory at the enterprise level; yes it's LDAP. ... servers; ...
(borland.public.delphi.non-technical)
No more logins after upgrade to deb 5.0
... After upgrading from Debian 4.x to 5.x without any further configuration attempts my LDAP Authentication configuration fails. ... If an LDAP Administrator resets that users password and/or as long their ldap password is not expired the user can login anywhere just fine. ...
(Debian-User)
Re: Recommended strategy for providing access to web apps via Inte
... LDAP is an ugly solution on the public internet, ... These federated authentication protocols are designed to address these ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ...
(microsoft.public.windows.server.active_directory)