SUMMARY: single sign on

From: Robert T. Clift (rclift@nswc.navy.mil)
Date: Wed Aug 19 1998 - 08:20:00 CDT


Thanks to all for the responses. This seems to be a big problem among alot of
administrators. I have not investigated thoroughly but I did receive some
leads.

My orig question:

> Is anyone using a single sign on method for Novell,NT, and Unix? I am looking
> for something where a logon would be the same for all three and the password
> will be encrypted over the network. Also the user should be able to have a
> password that would be sync'd on all three OS's when changed.
>

Responses:

--------------
You might want to point your browser to http://www.syntunix.com. They have
such a beastie, tho I am not sure if it also handles Novell.

Hope this helps!

--Rob

--
Robert Owen Thomas
mailto:robt@cymru.com
---------------

At the moment I am looking into the same thing (posted yesterday on this list :-)

I will send the summary "info on kerberos / ..." when i have finished gathering the material.

I dont't know about novell, I only worry about NT-Solaris at the moment.

i) MIT's Kerberos: Solaris supports it (through PAM-Mechanism) NT will support it in v5.0, but it is rumeoured that Microsofts Kerberos implementation will not be compatible with MIT's. ii) ssh: useful only between unix-machines and 'telnet' logins from NT. iii) NIS: there is a free NIS-Client for NT. But NIS has no security and I don't know how this integrates into NT.

another (hack) solution is:

* keep an account-database on unix (we do it in perl) * allow users to change pw over a webpage (use SSL enryption) (we dont do that, its just an idea I had) on an unix-server * you can set the unix-pw from this and also the nt-password: rsh <nt-server> net user username pw you need an rshd for nt (free versions available somewhere)

Benno

(will send my summary in the next 2 days)

-------------------------------------------------------------------------- "Kurt Cobain lives"?! Empirical evidence would suggest otherwise...

- Sebastian Benoit - benoit@mathematik.uni-marburg.de - http://www.mathematik.uni-marburg.de/~benoit

--------------

-- Tom Clift Unix System Admin. (540)653-8146 NCI Information Systems Inc. rclift@nswc.navy.mil



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:46 CDT