2.4. Kerberos

Kerberos is the preferred method for pretty much every directory service on the market to supplement LDAPv3, supplying enhanced password features, single sign-on, or both. Mac OS X is no different and the Kerberos client plays well either in its own Open Directory environments or in environments managed by other solutions. Mac OS X actually has a Kerberos Key Distribution Center (KDC) built into every single computer, used for securing peer-to-peer communications.

Managing Kerberos on a Mac OS X computer is mostly handled for you. There is very little to do in most environments. When you log into the first Kerberised service, be it an initial authentication into a Mac OS X client or via AFP to a SharePoint, at that initial authentication ...

Get Enterprise Mac Administrator's Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.