On Tue, Mar 13, 2012 at 1:59 PM, Tiago Elvas wrote:
> The domain will be made of several machines, which will be running dedicated
> applications.
>
> These applications will be operated by persons. So, for several of these
> apps, we'll have profiles such as admin or user. So, in LDAP we'd have
>
The domain will be made of several machines, which will be running
dedicated applications.
These applications will be operated by persons. So, for several of these
apps, we'll have profiles such as admin or user. So, in LDAP we'd have
different profiles for the admin user for each application. The
On Tue, Mar 13, 2012 at 6:45 PM, John Devitofranceschi
wrote:
> How is 'operator' going to authenticate?
>
> Will it have its own password and principal? Or will users be mapped to it
> via operator's .k5login or by using auth_to_local statements in krb5.conf?
>
> jd
The operator will login to
FYI, if these are accounts that you'd provide with keytabs, such that
no passwords need be entered interactively in order for the systems to
run, then you may be interested in Roland Dowdeswell's krb5_admin and
krb5_keytab software, which you can find here:
https://github.com/elric1/krb5_admin
htt
On Tue, Mar 13, 2012 at 4:50 AM, Tiago Elvas wrote:
> Thanks for your reply.
> The idea is to have a domain of several machines where each one has its own
> dedicated purpose and not having a requirement to have unique user ids for
> the whole system.
There was a long thread on heimdal-discuss a
On 03/13/2012 01:45 PM, John Devitofranceschi wrote:
> How is 'operator' going to authenticate?
The most workable interpretation of the request is that operator's
password will be the Kerberos password of operator/fqdn, which will be
different for each host.
It looks like this may be possible wit
How is 'operator' going to authenticate?
Will it have its own password and principal? Or will users be mapped to it via
operator's .k5login or by using auth_to_local statements in krb5.conf?
jd
On Mar 13, 2012, at 3:50, Tiago Elvas wrote:
> Thanks for your reply.
> The idea is to have a domai
On Tue, Mar 13, 2012 at 5:25 AM, shyno wrote:
> Sir,
> when I'm trying to set up a kerberized ftp,
> i'm getting following errors.
> Connected to 192.16.11.149.
> 220 ubuntu FTP server (Version 5.60) ready.
> 334 Using authentication type GSSAPI; ADAT must follow
> GSSAPI accepted as authenticatio
Sir,
when I'm trying to set up a kerberized ftp,
i'm getting following errors.
Connected to 192.16.11.149.
220 ubuntu FTP server (Version 5.60) ready.
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: Unspecified GSS failure. Minor co
Thanks for your reply.
The idea is to have a domain of several machines where each one has its own
dedicated purpose and not having a requirement to have unique user ids for
the whole system.
So that if the operator logs in in machine1(being machine1 a fqdn) he has
the authentication as principal
10 matches
Mail list logo