tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Going LDAP #2

Thor Lancelot Simon wrote:
> On Mon, May 26, 2008 at 08:01:54PM +0200, Anders Magnusson wrote:
>>         xxinit -c (client)
>>                 - Asks about the master machine and root password for it.
>>                   This will get the configuration for the domain out
>>                   of ldap and fetch a machine key.
> What is the "it" here?  If "it" means the master machine, so the LDAP
> server and KDC's root password would have to be entered into each client
> when that client is initialized, I really, *really* don't like this.
This should be read "principal that can extract a host keytab" for the
Which may or may not be root, depending of how the system is configured.

-- Ragge

Home | Main Index | Thread Index | Old Index