[Fedora-directory-users] Question about Kerberos and FDS
speedy zinc
speedy_zinc at yahoo.com
Tue Oct 18 03:40:25 UTC 2005
Thanks for replying.
--- Rich Megginson <rmeggins at redhat.com> wrote:
> >Or does that
> >mean I need to setup a kerberos server and use RHDS
> as
> >the backend for user information?
> >
> >
> Yes. When you use kinit to acquire your ticket, you
> can use that ticket
> to authenticate to the directory server.
>
So, if I understand what you're saying, the directory
server is acting as the TGS?
I'm going to setup a kerberos tonight. Which one works
better with FDS? MIT or Heimdal?
> >And this one:
> >- Impersonation (proxy) for multi-tier client
> >applications.
> >
> >Could someone explain what does it mean and how can
> it
> >be used?
> >
> >
> Sure. This is most often used with web apps or
> other apps that set up a
> pool of connections to the directory server. Each
> connection in the
> pool is bound as a proxy user. When a real user
> wants to authenticate,
> the proxy connection passes the real user's bind
> credentials to the
> directory server using the proxy auth control.
>
Oh, ok. I was thinking about something else :)
sz
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
More information about the 389-users
mailing list