On Tue, 2004-03-30 at 13:12, Richard Gundersen wrote: > Hi > > I am evaluating the suitability of Kerberos for a large scale implementation > (100's of users), where the apps will primarily be running on Java App > servers. I have MIT working in a test environment (Linux server, Windows > clients, custom Java apps) but I'm worried about how easy it is to manage > principles etc etc on a large scale. We plan to manage +100000 users in a kerberos realm. > > Kadmin works fine at the current scale but in a real implementation I don't > want to have to use kadmin from the console to manage user. In fact this job > will be given to a userwho will certainly not want to start writing > scripts/SSH'ing to the server. > > Ideally a web app front end would be written - but so far from the > documentation and books I've read, there's no easy way to communicate with > kadmin (I'm thinking a nice C or Java API here). Surely this must be > possible with one of the open source versions available. We have a interface to manage accounts in the kerberos realm, but using a LDAP backend as the KDC database. Unfortunately MIT has no such interface. We use heimdal instead. I think MIT is reluctant to provide a LDAP backend.
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
