Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How do you manage your DMZ server accounts?
Top Forums UNIX for Advanced & Expert Users How do you manage your DMZ server accounts? Post 302337108 by humbletech99 on Thursday 23rd of July 2009 11:38:19 AM
Old 07-23-2009
PHP How do you manage your DMZ server accounts?
I'd just like to know what you use for user account management on your DMZ servers?

Do you use the same authentication realm as internally?

Do you use a different authentication realm, perhaps only for the DMZ?

Do you use local accounts?
 

5 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How to migrate user accounts to a new server

Hello All, I am a student sys admin and not a professional. I'd like to know how can I migrate the user accounts in the current server to a new server( to be installed) non-destructively. Also in what way the old server can be used after installation of the new server. I'd sincerely... (2 Replies)
Discussion started by: maybemedic
2 Replies

2. Solaris

NIS server to manage NFS quota

I have a Solaris NIS master server to manage my Solaris NIS clients' passwd, group, shadow. I also have a EMC NAS. The NAS is NFS mounted on my clients. I would like to use disk quota to manage my users. From what I read from the SUN doc, quota can be implemented on the Solaris NFS client... (0 Replies)
Discussion started by: izy100
0 Replies

3. UNIX for Advanced & Expert Users

possible to lock accounts (passwd -l) and still allow acct to ssh to other server?

My scenario is as follows: We have a handful of batch accounts that run our production jobs. Our users are able to use sudo to become that account. Also, because of other reasons, the passwords are also listed in an encrypted file that each team can see their batch ID. So, I have some users... (5 Replies)
Discussion started by: cpolikowsky
5 Replies

4. UNIX for Advanced & Expert Users

How can I send a mail from my outlook or other mail accounts to UNIX server?

Hi all, I want to send a mail for my business needs from outlook account to an unix server (HP-UX) but I don't send any mail. While I can send from the unix server to my outlook account, I can't send from outlook to unix. How can I achieve this ? How can I send a mail from my outlook or other... (2 Replies)
Discussion started by: igelegin
2 Replies

5. UNIX and Linux Applications

One DMZ server reverse proxy for 2 websites

Hi All, Hope this is the correct thread to ask this, if not, can an admin please move it to the correct thread. Got a wee problem I hope someone can point me in the right direction. I have Network A with two servers hosting separate webpages (I will call these WP1 & WP2). A DMZ server... (6 Replies)
Discussion started by: dakelly
6 Replies

LEARN ABOUT DEBIAN

shishi_tkt_transited_policy_checked_p

shishi_tkt_transited_policy_checked_p(3)			      shishi				  shishi_tkt_transited_policy_checked_p(3)

NAME

       shishi_tkt_transited_policy_checked_p - API function

SYNOPSIS

       #include <shishi.h>

       int shishi_tkt_transited_policy_checked_p(Shishi_tkt * tkt);

ARGUMENTS

       Shishi_tkt * tkt
		   input variable with ticket info.

DESCRIPTION

       Determine if ticket has been policy checked for transit.

       The application server is ultimately responsible for accepting or rejecting authentication and SHOULD check that only suitably trusted KDCs
       are relied upon to authenticate a principal.  The transited field in the ticket identifies which realms (and thus which KDCs) were involved
       in  the authentication process and an application server would normally check this field. If any of these are untrusted to authenticate the
       indicated client principal (probably determined by a realm-based policy), the authentication attempt MUST  be  rejected.  The  presence	of
       trusted KDCs in this list does not provide any guarantee; an untrusted KDC may have fabricated the list.

       While the end server ultimately decides whether authentication is valid, the KDC for the end server's realm MAY apply a realm specific pol-
       icy for validating the transited field and accepting credentials for cross-realm authentication. When  the  KDC	applies  such  checks  and
       accepts	such  cross-realm  authentication  it  will  set  the  TRANSITED-POLICY-CHECKED flag in the service tickets it issues based on the
       cross-realm TGT. A client MAY request that the KDCs not check the transited field by setting the  DISABLE-TRANSITED-CHECK  flag.  KDCs  are
       encouraged but not required to honor this flag.

       Application  servers  MUST either do the transited-realm checks themselves, or reject cross-realm tickets without TRANSITED-POLICY- CHECKED
       set.

RETURN VALUE

       Returns non-0 iff transited-policy-checked flag is set in ticket.

REPORTING BUGS

       Report bugs to <bug-shishi@gnu.org>.

COPYRIGHT

       Copyright (C) 2002-2010 Simon Josefsson.
       Copying and distribution of this file, with or without modification, are permitted in any medium without  royalty  provided  the  copyright
       notice and this notice are preserved.

SEE ALSO

       The  full documentation for shishi is maintained as a Texinfo manual.  If the info and shishi programs are properly installed at your site,
       the command

	      info shishi

       should give you access to the complete manual.

shishi								       1.0.1				  shishi_tkt_transited_policy_checked_p(3)
All times are GMT -4. The time now is 02:43 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy