Post #317,747
11/24/09 2:56:31 AM
|
The madness! The madness! Credential Craziness!
I've just been tallying up how many sets of authentication credentials I maintain at work.
The answer is at least 14.
The insanity comes from the rather unpleasant realisation that nine of these are internal. The other 5 are probably intractable, as they're third-party websites run by organisations which are unlikely to want to expose their delicate bits to our organisation's delicate bits in a rather pornographic authentication-fest.
I'd never really paid any heed to SSO before, but now I'm a believer.
|
Post #317,751
11/24/09 8:47:17 AM
|
Let Microsoft manage it all. They've got GREAT...
Things just for authentication!
|
Post #317,753
11/24/09 9:14:19 AM
|
Hailstorm! No ... Palladium! No, wait ...
What are they calling it this week. Passport? Is that still it?
--
Drew
|
Post #317,758
11/24/09 9:56:43 AM
|
no, they use AD
and for convenience for techies the two tier login to the management login is AD/something else so when a new employee comes on board the $MS drones fill all the gaps and when employee leaves the employ the ability to log into the back is gone. Before silo managers had to manage admin access. No longer, let the MS madness take care of it.
|
Post #317,759
11/24/09 10:14:39 AM
|
We have SSO
And I still need to maintain about a dozen different sets of credentials.
Its a PITA that is not going to go away.
I will choose a path that's clear. I will choose freewill.
|
Post #317,762
11/24/09 11:15:19 AM
|
We have SSO-ish
I have a single username/password that is synchronized across (nearly) all systems. But I still have to type it in again whenever I launch a new system.
--
Drew
|
Post #317,776
11/24/09 3:34:59 PM
|
Right now, I'd settle for that.
|
Post #317,781
11/24/09 6:36:42 PM
|
It is something that Linux needs to get on top of.
I regularly or semi-regularly log into ten Linux boxes, one of them my own. SSH keys help, but really solve the wrong problem.
I've worked in an NIS+ environment before. It was kinda nice, but fragile. And it was very annoying we couldn't mix FreeBSD and Linux; the NIS+ protocol is closely dependant on how the systems locally do things like password storage. No surprise, Linux and BSD diverge there.
Wade.
Q:Is it proper to eat cheeseburgers with your fingers? A:No, the fingers should be eaten separately.
|
Post #317,782
11/24/09 6:43:06 PM
|
radius, been around forever
|
Post #317,784
11/24/09 6:52:28 PM
|
That's designed for dial-in network authentication.
And is used extensively for just that. But how well does it integrate with a standard XDM login on an X window server? Maybe you're thinking of Kerberos.
Wade.
Q:Is it proper to eat cheeseburgers with your fingers? A:No, the fingers should be eaten separately.
|
Post #317,787
11/24/09 9:13:08 PM
|
not just for dialup
|
Post #317,794
11/24/09 10:34:52 PM
|
LDAP
We use LDAP and it does everything.
|
Post #317,849
11/26/09 10:06:49 AM
|
NIS is much easier to manage and less fragile than NIS+
I prefer it by far.
|