Subject: Re: Centralized User and Password Management
To: <>
From: Luke Mewburn <>
List: netbsd-users
Date: 11/24/2004 16:44:10
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Nov 24, 2004 at 12:18:43AM -0500, Chuck Swiger wrote:
  | Thomas T. Thai wrote:
  | >I'm curious what people are using to centralize authentication and use=
  | >password, and services management. What are your thoughts on each? I'm=
  | >aware of these Open Source solutions:
  | >
  | >- NIS (YP) - insecure
  | >- Hesiod + Kerberos
  | The next two candidates would be LDAP and maybe even Apple's NetInfo.

Another possibility in the near future:
	Active Directory Services from a Microsoft Windows 200x Server
It's implemented on top of LDAP + Kerberos 5.
You can use kinit to get krb5 tickets from an ADS server in NetBSD.

Once NetBSD has PAM, it will be possible to port Samba's pam_winbind
module to NetBSD for authenticating users using their ADS account
details.   (We also need the nsswitch module, which
I have working privately and intend to feedback into the Samba3

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.6 (NetBSD)