[KLUG Advocacy] M$ released the PAC?
Adam Williams
advocacy@kalamazoolinux.org
18 Jan 2003 10:26:53 -0500
>With Kerebos being available, and now part of AD, I don't see any reason why
>this has to exist. Sure, it could have existed in the past, but with MS
>adopting and extending it now, why haven't I seen it implemented here yet?
Most services running on any recent RH box already support Kerberos.
>Has -anybody- seen Kerebos implemented properly at all?
Absolutely, yes. There is even a presentation on the KLUG website about
it.
>If you have, has it been the MS version of it?
Nope, MIT. The one that ships with RedHat.
>The only reason I can gather (and I didn't follow the link) that MS might
>finally publish this restriction free is because it's been so slowly adopted.
>For as much stink as the Kerebos extensions got I would have thought it's
>implementation would be wide-spread, but that doesn't seem to be the case.
Active Directory *IS* Kerberos. I'd call that widely adopted.
>Have I just been working in sheltered environments, or is there real worth
>to actually being able to communicate the MS-Kerebos standard?
Yes, supporting XP client fully, and XP/2000 clients in ADS mode vs.
mixed mode which Samba does now. And of course single-sign-on.