0
What are LDAP and Kerberos and why are they important for the Client Access Server role?
Wiki User
∙ 12y ago
because the were smart
Wiki User
∙ 12y ago
Add your answer:
Earn +20 pts
What authentication system uses tickets as part of the authentication process?
Kerberos Version 5 is standard on all versions of Windows 2000 and ensures the highest level of security to network resources. The Kerberos protocol name is based on the three- headed dog figure from Greek mythology known as Kerberos. The three heads of Kerberos comprise the Key Distribution Center (KDC), the client user and the server with the desired service to access. The KDC is installed as part of the domain controller and performs two service functions: the Authentication Service (AS) and the Ticket-Granting Service (TGS). three exchanges are involved when the client initially accesses a server resource:AS ExchangeTGS ExchangeClient/Server (CS) Exchange
What is another term for a remote access server?
client server
What controls access to the resources of the network?
Nope a server does
Can a client server also be known as simply an access server?
It depends, but usually yes
What is handshake in packet transmission?
The TCP 3 way handshake is when the server states what ports it has open, the client requests access to the port, and the server grants access. Layman's terms: Server - I have beer at my place. Client - Can I come over? Server - Sure!
What server provides client computers with access to information stored in database?
database server
What is kerberos realms?
A full service kerberos environment consisting of kerberos server and clients and application servers requires kerberos server to maintain a database containing users name and their hashed password and realm sets up aboundary within which authentication server can authenticate users. In general we can say realm is set of nodes sharing a common database.
What is CAL in server licenses?
A Client Access License (CAL) is a kind of software license that legally permits client computers to connect to server software
What is Kerberos Authentication?
http://en.wikipedia.org/wiki/Kerberos_(protocol) Why ask a question when you can more easily and quickly read the answer on wikipedia? This is true for a large majority of questions that start with "What is"
How much important is a processor in a client computer of a client-server network?
no much because all the work is processed at the server level and result are sent to client
What is the term for a computer that processes request from other computers to access a data base?
A server is a machine that processes requests from a client. In this case a client is asking a server to retrieve information stored in a database on the server. So the answer is a server.
What is the explanation for the step wise procedure for kerberos?
19.6. Configuring a Kerberos 5 ClientSetting up a Kerberos 5 client is less involved than setting up a server. At a minimum, install the client packages and provide each client with a valid krb5.conf configuration file. Kerberized versions of rsh and rlogin also requires some configuration changes.Be sure that time synchronization is in place between the Kerberos client and the KDC. Refer to Section 19.5 Configuring a Kerberos 5 Server for more information. In addition, verify that DNS is working properly on the Kerberos client before configuring the Kerberos client programs.Install the krb5-libs and krb5-workstation packages on all of the client machines. Supply a valid /etc/krb5.conf file for each client (usually this can be the same krb5.conf file used by the KDC).Before a workstation in the realm can allow users to connect using kerberized rsh and rlogin, that workstation must have the xinetd package installed and have its own host principal in the Kerberos database. The kshd and klogind server programs also need access to the keys for their service's principal.Using kadmin, add a host principal for the workstation on the KDC. The instance in this case is the hostname of the workstation. Use the -randkey option for the kadmin's addprinc command to create the principal and assign it a random key: addprinc -randkey host/blah.example.comNow that the principal has been created, keys can be extracted for the workstation by running kadmin on the workstation itself, and using the ktadd command within kadmin: ktadd -k /etc/krb5.keytab host/blah.example.comTo use other kerberized network services, they must first be started. Below is a list of some common kerberized services and instructions about enabling them:rsh and rlogin - To use the kerberized versions of rsh and rlogin, enable klogin, eklogin, and kshell.Telnet - To use kerberized Telnet, krb5-telnet must be enabled.FTP - To provide FTP access, create and extract a key for the principal with a root of ftp. Be certain to set the instance to the fully qualified hostname of the FTP server, then enable gssftp.IMAP - To use a kerberized IMAP server, the cyrus-imap package uses Kerberos 5 if it also has the cyrus-sasl-gssapi package installed. The cyrus-sasl-gssapi package contains the Cyrus SASL plugins which support GSS-API authentication. Cyrus IMAP should function properly with Kerberos as long as the cyrus user is able to find the proper key in /etc/krb5.keytab, and the root for the principal is set to imap (created with kadmin).The dovecot package also contains an IMAP server alternative to cyrus-imap, which is also included with Red Hat Enterprise Linux, but does not support GSS-API and Kerberos to date.CVS - To use a kerberized CVS server, gserver uses a principal with a root of cvs and is otherwise identical to the CVS pserver.Prashanth Katti
