From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: tuhs-bounces@minnie.tuhs.org X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.6 required=5.0 tests=MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE,SUBJ_ALL_CAPS autolearn=no autolearn_force=no version=3.4.2 Received: from minnie.tuhs.org (minnie.tuhs.org [45.79.103.53]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id 33695295 for ; Tue, 6 Nov 2018 15:28:44 +0000 (UTC) Received: by minnie.tuhs.org (Postfix, from userid 112) id 10089A2422; Wed, 7 Nov 2018 01:28:43 +1000 (AEST) Received: from minnie.tuhs.org (localhost [127.0.0.1]) by minnie.tuhs.org (Postfix) with ESMTP id 53E02A215C; Wed, 7 Nov 2018 01:28:21 +1000 (AEST) Received: by minnie.tuhs.org (Postfix, from userid 112) id 84BE8A215E; Tue, 6 Nov 2018 22:59:25 +1000 (AEST) Received: from post.cogs.com (post.cogs.com [72.43.6.86]) by minnie.tuhs.org (Postfix) with ESMTPS id 3C41DA215A for ; Tue, 6 Nov 2018 22:59:24 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by post.cogs.com (Postfix) with ESMTP id 6EEAE101803E31; Tue, 6 Nov 2018 07:59:23 -0500 (EST) X-Virus-Scanned: amavisd-new at cogs.com Received: from post.cogs.com ([127.0.0.1]) by localhost (post.cogs.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id sGWuczm26V-E; Tue, 6 Nov 2018 07:59:23 -0500 (EST) Received: from rrcs-108-176-86-106.nys.biz.rr.com (rrcs-108-176-86-106.nys.biz.rr.com [108.176.86.106]) by post.cogs.com (Postfix) with ESMTPSA id EA3DA101803E2B; Tue, 6 Nov 2018 07:59:22 -0500 (EST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.100.43\)) In-Reply-To: <4505fa46-380b-2a2d-2e9b-e114369fbc5d@spamtrap.tnetconsulting.net> Date: Tue, 6 Nov 2018 07:59:22 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: <82EB9899-0D1D-44DB-BB7D-61E12B621551@cogs.com> References: <0289fa26-d157-8a65-389e-61dd7a01fcc4@spamtrap.tnetconsulting.net> <4505fa46-380b-2a2d-2e9b-e114369fbc5d@spamtrap.tnetconsulting.net> To: Grant Taylor X-Mailer: Apple Mail (2.3445.100.43) Subject: Re: [TUHS] YP / NIS / NIS+ / LDAP X-BeenThere: tuhs@minnie.tuhs.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: The Unix Heritage Society mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Ben Greenfield via TUHS Reply-To: Ben Greenfield Cc: tuhs@minnie.tuhs.org Errors-To: tuhs-bounces@minnie.tuhs.org Sender: "TUHS" > On Nov 5, 2018, at 11:58 PM, Grant Taylor via TUHS = wrote: >=20 > On 11/05/2018 02:43 PM, Ben Greenfield via TUHS wrote: >> I found that I had to do all of this using SASL. >=20 > At first read I was thinking "SASL? Really?". Then I remembered that = Simple Authentication and Security Layer is really just an abstraction = layer. An abstraction layer that very easily could have (but I don't = know one way or the other) a back end to Kerberos. >=20 >> I remember it as SASL would handle the kerberization during boot up = getting tickets for each LDAP entry that you wanted mapped to a service = on that client. >=20 > Hum. >=20 >> I could be wrong but I think SASL seems to be way connect services on = Linux with LDAP that are served kerberized. >=20 > I've always viewed SASL as a way for applications to outsource the = authentication / security so that the program code didn't need to worry = about it. It also allowed SASL to manage supporting all the different = back end security methods. >=20 > I also think much the same about PAM. - In fact, I don't think I = could properly differentiate between PAM and SASL. Yes, pam when I was trying to figure out how to put it altogether PAM = was always working in the background but I believe it was the SASL = configs that pointed to my Open Directory server that centralized our = Linux accounts. So as strange as it may seem to some there have be = instances were OS X served Linux clients:) >=20 >=20 >=20 > --=20 > Grant. . . . > unix || die >=20