Re: Customizing Security
From: Tom Jordan (tjordan36_at_hotmail.com)
Date: 07/04/04
- Previous message: all mail refused: "Re: Policing user CGI scripts"
- In reply to: Bodo Eggert: "Re: Customizing Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 4 Jul 2004 12:28:36 -0700
Hello Bodo:
To add a little more information:
We have data center that has server running in multiple operating
systems- Win 2000, Linux, Solaris, AIX, and AS/400. Administering the
security in each of these is a bit painful as there are several
hundred servers.
My company provides an identity management solution that goes pretty
far, but we may need to make some enhancements to achieve the desired
solution. The customer would like to simplify the admin task by
centralizing all the security information on one security and policy
server. This way all the servers and applications would authenticate
against this. In doing this, I was curious to know if and how we can
by augment the native login that is part of the OS and if so how.
Thanks in advance for any feedback you can offer.
Best Regards
Tom Jordan
www.diamelle.com
Bodo Eggert <7eggert@fsmtpd.7eggert.dyndns.org> wrote in message news:<2305cc.154.ln@msgid.7eggert.dyndns.org>...
> Tom Jordan <tjordan36@hotmail.com> wrote:
>
> > I was wondering if its possible to have users in a domain to
> > authenticate against an external datastore - ie. not active directory.
>
> Kerberos is supposed to do that.
>
> > The client has a centralized security system that they would like all
> ^
> I suppose as in 'customer', not as in 'the PC being controlled by the one
> to be authenticated'.
>
> > systems and servers to use.
>
>
> > Also, are there any potential disadvantages to do this?
>
> Single point of failure.
- Previous message: all mail refused: "Re: Policing user CGI scripts"
- In reply to: Bodo Eggert: "Re: Customizing Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
