I guess: If you use a non-Windows KDC, you'll have difficulties to set up authorization for your Windows users. (I know MIT Kerberos is not designed for authorization, but i try to be pragmatic). So, I think this is a fairly good approach. Claude
-----Original Message----- From: azimuth 1 [mailto:[EMAIL PROTECTED] Sent: Monday, July 19, 2004 12:48 PM To: [EMAIL PROTECTED] Subject: None In this white paper available at the address: www.microsoft.com/windows2000/ techinfo/howitworks/security/kerbint.asp. I concluded that a good alternative for a network using Active Directory would be to use a Windows KDC, the one available with windows 2000 as a privileged proceess of AD. (The clients in my network are windows and non windows based. the network resources are mosly non windows based). I will have to configure non-windows clients & have non-windows application servers as service accounts. I would appreciate if anyone had similar case and want to discuss it or if you think that i made the right or bad conclusions, just say why. Samy Marre des Spams ? - http://www.caramailmax.com ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
