* Bob Tanner <tanner at real-time.com> [020501 00:06]:
> Others argue about security issue in kerberos. Still others argue that kerberos
> is the only was to support things like secure/token cards.

Kerberos is still one of the few methods you can directly avoid
distributing all the password hashes to clients in a cross-platform
manner.

LDAP can be configured to do the same, but isn't nearly as
cross-platform and mature as kerberos yet.

Downside about krb: its a pita to get going, its a pita to move to it
from anything else, allmost.

-- 
Scott Dier <dieman at ringworld.org> http://www.ringworld.org/