Enrique, Looks really good and very professional. If you get time, it would be great to see a document summarizing various issues (SSO perhaps) that Kerberos solves, and some recipes for how to solve them with ApacheDS.
Good Job! U Da Man! - Ole --- Alex Karasulu <[EMAIL PROTECTED]> wrote: > Enrique, > > This is most excellent. I'm sure this will attract > many new users and > developers that want to work with the Kerberos > service within ApacheDS. > > Thanks, > Alex > > Enrique Rodriguez wrote: > > Hi, Directory developers, > > > > I've been organizing my interoperability > documentation. I thought it > > made the most sense to start with a quick intro to > Kerberos in today's > > typical enterprise. I think it's fair to say that > most of our > > employers use Windows and thus, by default, Active > Directory. So, we > > can explore "realm control" without setting up any > servers, by using > > existing Active Directory sites. > > > > I want to make two points: > > > > 1) Kerberos is alive and well. In fact, by being > the authentication > > mechanism in Windows/Active Directory, it is a > dominant protocol on > > corporate networks. Every time you log in to > Windows or change your > > password, you are using Kerberos. To paraphrase a > wise man, "Kerberos > > is everywhere, it is all around us, even now in > this very room." > > > > 2) A test setup is at hand. Since server > configuration can be > > complicated, the easiest way to experiment with > Kerberos is to perform > > some basic exploration from a Linux client to an > existing Active > > Directory install. Note that none of this > exploration requires domain > > admin rights nor does it constitute any threat to > your IT > > infrastructure. > > > > So, here's a draft of lesson #1. > > > > New static site: > > > http://directory.apache.org/apacheds/1.0/kerberos-in-the-enterprise.html > > > > Cwiki, in case you have changes: > > > http://cwiki.apache.org/confluence/display/DIRxSRVx10/Kerberos+in+the+Enterprise > > > > begin:vcard > fn:Alex Karasulu > n:Karasulu;Alex > org:Apache Software Foundation;Apache Directory > adr:;;1005 N. Marsh Wind Way;Ponte Vedra > ;FL;32082;USA > email;internet:[EMAIL PROTECTED] > title:Member, V.P. > tel;work:(904) 791-2766 > tel;fax:(904) 808-4789 > tel;home:(904) 808-4789 > tel;cell:(904) 315-4901 > note;quoted-printable:AIM: alexokarasulu=0D=0A= > MSN: [EMAIL PROTECTED] > Yahoo!: alexkarasulu=0D=0A= > IRC: aok=0D=0A= > PGP ID: 1024D/4E1370F8 BBCC E8D8 8756 2D51 C3D4 > 014A 3662 F96F 4E13 70F8=0D=0A= > > x-mozilla-html:FALSE > url:http://people.apache.org/~akarasulu > version:2.1 > end:vcard > > ____________________________________________________________________________________ It's here! Your new message! Get new email alerts with the free Yahoo! Toolbar. http://tools.search.yahoo.com/toolbar/features/mail/
