O'Reilly logo

Linux in a Windows World by Roderick W Smith

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

Compared to other remote authentication tools, Kerberos is unusual; it’s designed to manage entire network logins, rather than desktop computer logins. As such, it’s best suited for environments in which users frequently use multiple servers, with protocols such as Telnet or FTP. Kerberos configuration requires configuring three computer classes: the KDC, the application servers, and the clients. All have certain commonalities, such as the krb5.conf file, but each has its unique features, as well. Considered as a cross-platform tool, Kerberos can be an integrative tool, but Microsoft’s non-standard Kerberos implementation throws a monkey wrench into the equation. Cross-platform Kerberos use works best with a Microsoft KDC (in the form of an AD controller) and non-Microsoft application servers or clients; using Microsoft application servers or clients with a non-Microsoft KDC is trickier, although it’s still possible, and sometimes worthwhile, for some purposes.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required