speedy zinc wrote:
No. You have to set up the usual Kerberos TGS. The directory server merely uses the tickets, like any other server/service.Thanks for replying. --- Rich Megginson <rmeggins@xxxxxxxxxx> wrote:Or does that mean I need to setup a kerberos server and use RHDSasthe backend for user information?Yes. When you use kinit to acquire your ticket, youcan use that ticket to authenticate to the directory server.So, if I understand what you're saying, the directory server is acting as the TGS?
I'm not sure. The instructions we have in our docs are geared towards MIT, but Heimdal may work just fine.I'm going to setup a kerberos tonight. Which one works better with FDS? MIT or Heimdal?
It can also mean chaining. You can set up the directory server to use another directory server as a database - what we refer to as a chaining backend or database in our docs. The use of a directory server to act as a "front-end" to another directory server is also called a proxy.And this one: - Impersonation (proxy) for multi-tier client applications. Could someone explain what does it mean and how canitbe used?Sure. This is most often used with web apps orother apps that set up a pool of connections to the directory server. Each connection in the pool is bound as a proxy user. When a real user wants to authenticate, the proxy connection passes the real user's bind credentials to the directory server using the proxy auth control.Oh, ok. I was thinking about something else :)
sz__________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
