Unix / Windows Interoperability

Richard Sharpe rsharpe at richardsharpe.com
Fri Dec 6 04:46:47 CST 2002

On Thu, 5 Dec 2002, Glen Turner wrote:

> Matthew Geddes wrote:
> > Another advantage is that you can point and Mac OSX clients you may have
> > lying around directly at the LDAP directory and they can authenticate
> > using the UNIX user accounts.
> You can also gateway RADIUS and TACACS+ into LDAP, which
> we find handy for authenticating access to the network
> equipment.
> The downside to a single password environment is the need
> to keep that password secret -- there are still a surprising
> number of protocols with use plain-text passwords.  So
> whatever mechanism you use, you also need to get your
> head around SSL and TLS and their use of certificates.
> As one nasty example, there doesn't seem to be a way to
> authenticate with a web proxy that doesn't put a plain
> text password on the wire.  Ouch.

I don't think that is true. Andrew Bartlett has done a lot of work with 
the Squid folks to allow the use of NTLMSSP against Samba.

Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com

LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.openprojects.net
To unsubscribe from the LinuxSA list:
  mail linuxsa-request at linuxsa.org.au with "unsubscribe" as the subject

More information about the linuxsa mailing list