Section 7.6. Kerberosand Single Sign-on


7.6. Kerberos and Single Sign-on

Kerberos is a network authentication protocol that was developed at MIT to allow applications to identify users over open and insecure networks. It is used by governments, large corporations, and higher education. Kerberos is also the native authentication protocol of Active Directory. Since Jaguar, Apple has been moving aggressively to support Kerberos in both Mac OS X Server and Mac OS Xas well as all of the password-using applications in Mac OS X such as Mail, FTP, SSH, and Apple File Sharing. The reason Apple is making this push is to enable single sign-on .

Single sign-on means that after a user enters a name and a password in the login window, every application on the system that needs to authenticate itself for a network servicefor example, Mail wanting to log into the mail servercan do so automatically without requiring the user to enter a different username and password.

For users of Mac OS X, either Kerberos is configured for your network and it just works out of the box, or there is a bit of configuration work to be accomplished. If your network falls into the second category, you'll need to get some information from your system administrator.




Running Mac OS X Tiger
Running Mac OS X Tiger: A No-Compromise Power Users Guide to the Mac (Animal Guide)
ISBN: 0596009135
EAN: 2147483647
Year: 2004
Pages: 166

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net