D.0 Using the Novell Kerberos KDC to Support ZENworks Dynamic Local Users

Kerberos*, an authentication protocol developed at MIT, requires entities (for example, a user and a network service) that need to communicate over an insecure network to prove their identity to one another so that secure authentication can take place.

The Kerberos protocol has proven to be a highly trusted and valuable security tool for providing secure network authentication. Kerberos functionality is included natively in a Windows* Active Directory* environment, but there are administrators who want to use Kerberos with Novell® eDirectory® (in conjunction with the dynamic local user (DLU) accounts created by ZENworks® Desktop Management) in their NetWare® or Linux environments.

Kerberos requires the use of a Key Distribution Center (KDC) to act as a trusted third party between these entities. Novell has created a proprietary, Linux-based implementation of the KDC that makes eDirectory® its core authentication and identity authority and allows full Kerberos authentication of ZENworks DLU accounts. The Novell Kerberos KDC provides a single point of management, with the advantage of eDirectory replication and security capabilities. It moves Kerberos-specific data to eDirectory and provides Kerberos services using a KDC that accesses data stored in eDirectory.

The information in this section describes how to set up the Novell Kerberos KDC for use in a ZENworks DLU environment.

If you want more specific information about the Novell Kerberos KDC, see the Novell Kerberos KDC documentation on the Novell product documentation Web site.

This section includes the following information: