FWD: User Authentication in a Hostile Environment.

[Richard Sharpe]

Forwarded from another mailing list.

Users of large environments wanting backup authentication servers.

In this case the discussion started around Samba's ability to use Kerberos
for Authentication.

>
>On Tue, 9 Mar 1999, Andrew Smith wrote:
>
>> home directories. The really cool thing is that this Samba server
>> throws off authentication to our kerberos server, so these students
>> can use the same username and password to access various services
>> around Uni.
>
>Said authentication (of UQ Ipswich), I assume, is being chucked at a
>secondary kerberos server, rather than back to the primary server at UQ HQ
>(St Lucia) .
>
>Having been in a similar situation of having to authenticate users over a
>problematic link (in that instance, a Telstra PAPL line, with its
>attendant 'if it breaks, we've got 7 days to fix it' usage), I'm curious
>as to what other people consider to be 'a good thing' in the way of
>consistent (user or service) authentication over staggered infrastructure.
>
>Not just in the authentication protocol of choice, but also in the way of
>secondary authentication servers, keeping the secondaries synced with the
>master (or masters) etc etc.
>
>Regards,
>
>--==--
>Bruce.
>
>"I'm sure they'll listen to Reason"
>
>REASON: Gatling-type 3mm hypervelocity railgun system, Ng Security Industries
>        Ultima Ratio Regum.
>			-- Snow Crash.


Regards
-------
Richard Sharpe, sharpe at ns.aus.com, NIC-Handle:RJS96
NS Computer Software and Services P/L, 
Ph: +61-8-8281-0063, FAX: +61-8-8250-2080, 
Samba (Team member), Linux, Apache, Digital UNIX, AIX, C, ...