* Bob Tanner <tanner at real-time.com> [020501 00:06]: > Others argue about security issue in kerberos. Still others argue that kerberos > is the only was to support things like secure/token cards. Kerberos is still one of the few methods you can directly avoid distributing all the password hashes to clients in a cross-platform manner. LDAP can be configured to do the same, but isn't nearly as cross-platform and mature as kerberos yet. Downside about krb: its a pita to get going, its a pita to move to it from anything else, allmost. -- Scott Dier <dieman at ringworld.org> http://www.ringworld.org/