Unix / Windows Interoperability
rsharpe at richardsharpe.com
Fri Dec 6 04:46:47 CST 2002
On Thu, 5 Dec 2002, Glen Turner wrote:
> Matthew Geddes wrote:
> > Another advantage is that you can point and Mac OSX clients you may have
> > lying around directly at the LDAP directory and they can authenticate
> > using the UNIX user accounts.
> You can also gateway RADIUS and TACACS+ into LDAP, which
> we find handy for authenticating access to the network
> The downside to a single password environment is the need
> to keep that password secret -- there are still a surprising
> number of protocols with use plain-text passwords. So
> whatever mechanism you use, you also need to get your
> head around SSL and TLS and their use of certificates.
> As one nasty example, there doesn't seem to be a way to
> authenticate with a web proxy that doesn't put a plain
> text password on the wire. Ouch.
I don't think that is true. Andrew Bartlett has done a lot of work with
the Squid folks to allow the use of NTLMSSP against Samba.
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.openprojects.net
To unsubscribe from the LinuxSA list:
mail linuxsa-request at linuxsa.org.au with "unsubscribe" as the subject
More information about the linuxsa