Hi Bob, Your single login idea sounds great on paper but doesn't work with the platforms you mentioned unless you set up an NIS domain and install NIS and NFS on Windows 2000. Even then, you may have problems with Windows 2000 sending the NIS login information to the UNIX systems. I have tried this several times and was really unhappy with anyone's NIS on Windows. I had to read all the official government documentation on HIPAA to build a new environment for an orthodontist recently. A single login across platforms is not required for HIPAA, but everyone who must access a system must have an audited account on that system assigned to him or her. In other words, no shared or generic accounts. Reasonable timeouts are required for terminals that are logged in but standing idle. Everything else is the standard security procedures any good sysadm would build into his systems anyway. If you have any questions, please feel free to email me. If I don't know the answer, I probably can point you to where the answer can be found. Tom Thomas S. Fortner Burleson, Texas thomas.fortner@xxxxxxxxxxxxx "but we preach Christ crucified..." 1 Corinthians 1:23 Hi all, I am interested in establishing a single user login at my office that has about 60 machines total running on the network. This is a heterogeneous network with AIX, Linux, and Windows. I am wondering if I am better off spending my time reading up and trying to establish an LDAP server and then use that to authenticate or whether Kerberos will satisfy my needs. Currently we are in an entirely trusted network setup. The new HIPPA regulations, however, make it clear that such a setup is not due diligence and I need to have unique logins and passwords for every employee and employ some sort of logging mechanism. Your thoughts regarding the way to go will be appreciated. Thanks, Bob Hartung -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
