- Previous message: Estevam Henrique Carvalho: "Kerberos x pam"
- In reply to: Estevam Henrique Carvalho: "Kerberos x pam"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Rob Siemborski (rjs3 at andrew dot cmu dot edu)
Date: Wed Mar 17 2004 - 09:39:51 EST
I'm not sure about your windows-related issues, but I can speek from a
Heimdal Kerberos enviornment..
On Wed, 17 Mar 2004, Estevam Henrique Carvalho wrote:
> What is the best way of providing the users to access the e-mail using the
> Windows password ? pam_winbind or Kerberos ?
>
> Will the Kerberos 5 work with Cyrus and SASL ?
Yes -- though, as I said, I'll remain silent about Microsoft Kerberos.
> Does Kerberos also require plan text password as pam modules does ?
If you mean "plaintext over the network" -- neither of these requires
that, you can always throw a TLS layer on top to protect the plaintext
password. Kerberos (via the GSSAPI SASL mechanism) will avoid sending the
password across the network alltogether, however.
> This message may contain confidential and/or privileged information. If you
> are not the addressee or authorized to receive this for the addressee, you
> must not use, copy, disclose, change, take any action based on this message
> or any information herein. If you have received this message in error,
> please advise the sender immediately by reply e-mail and delete this
> message. Thank you for your cooperation.
This sort of disclaimer used on a public mailing list can make it very
difficult to respond.
-Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
|
|
|