Re: [Networker] 7.1.3 client DNS checks and multihomed clients
2005-08-23 03:44:56
In regard to: Re: [Networker] 7.1.3 client DNS checks and multihomed...:
EMC/Legato really needs to reconsider the dependence on hostnames in
their authentication schemes. I'd prefer to see some sort of shared key
between the client and server that uniquely defines the client, and then
slacking the rules on checking for the same hostname or Windows NetBIOS
name. That would let clients that connect to dynamic IP networks
backup, and would get around the DNS/AD naming conflicts. It'd be safer
too.
I agree with you and Charles; that would be best. There were rumors
before version 7.x was released that it would include Kerberos 5 under the
hood, but apparently those were just rumors.
What we *did* get, though, is a new security mechanism that takes a
namespace that's mostly unique (DNS) and truncates it to a namespace
that's certainly not. ;-)
Tim
--
Tim Mooney mooney AT dogbert.cc.ndsu.NoDak DOT edu
Information Technology Services (701) 231-1076 (Voice)
Room 242-J6, IACC Building (701) 231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164
To sign off this list, send email to listserv AT listserv.temple DOT edu and type
"signoff networker" in the
body of the email. Please write to networker-request AT listserv.temple DOT edu
if you have any problems
wit this list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|
|
|