[olug] September meeting: Kerberos and LDAP for cross-platform authentication

OBrien, Timothy (Omaha Linux Users Group - OLUG) IrishMASMS at olug.org
Sat Aug 30 20:40:28 UTC 2003

Big props & thanks to Bob McCoy for volunteering to give his presentation
from the CERT Conference, about using Kerberos and LDAP for cross-platform

This was one of the presentations I wanted to see but was unable to; and
feel thankful to Bob  for volunteering to give the presentation at our
next OLUG meeting.  Now, his presentation will not be totally open source,
nor will it be a total religious experience praising the open source or
Linux movement (none of the presentations at OLUG have to be); but it will
be technically sound that everyone (no matter what the skill  level) can
glean something from.

This is a good opportunity for those of us that are in a mixed environment
to hear about one of the cross platform solutions out there. I highly
suggest you attend, and please leave the open source religious fanaticism
at the door.

Notes on Bob's presentation, that he posted to the OLUG list on Thu,
August 28, 2003 2:51 pm:
Here are some of the things you may want to weigh:
- This is not a "roll your own" or free solution.  It's based on Vintela
Authentication Service (VAS) <http://www.center7.com/us/products/vas/>.
Check out the reviewer's guide for a quick overview.
- It uses Active Directory as its credential store.
- It currently supports Linux and Solaris.
- It only takes about 15 minutes to get the whole thing up and running
-- AD schema extended, agent installed on the UNIX box, UNIX box joined to
the domain, AD user attributes updated as necessary, AD user logged into
UNIX box (all that with the AD user never having logged into the UNIX box
before, created its home directory on the fly, and no reboots).
- It makes very efficient use of PAM and NSSwitch.

However, if it must be an Open Source solution, or you find the use of AD
as your credential store untenable, then this is not the solution for you.

By the way, one of the principals involved in VAS is John Terpstra.  He is
a member of the Open Group and has been a major contributor to Samba over
the years.

<b>Next months meeting possible topic:</b>
Linux & the Xbox by Tim - DZ and possibly others
OpenSSH by Matthew G. Marsh

<b>Confused to when & where the meeting is? Read the FAQ:</b>

<B>Willing to give a presentation at OLUG? Here are the topics that fellow
OLUGers are looking for, listed in the OLUG FAQ:</b>

Timothy "Irish" O'Brien
Publicity & Social activities chairperson
Omaha Linux User's Group (OLUG)
A: No.
Q: Should I include e-mail quotations after my reply?
An often repeated quote on news.admin.net-abuse.email:
"Spam is not about content, it is about consent".

More information about the OLUG mailing list