13 May
2014
13 May
'14
3:44 p.m.
I notice the link you provided uses RADIUS for authentication instead of the others I pointed to that use Kerberos. Would you say that this is a simpler and more supported way of handling the SSO issue? I’m not Gerald, but I’ll speak up: No, unless you have another REALLY compelling reason to use RADIUS (like a dialup terminal server that uses it for AAA), it’s not the direction you want to go. RADIUS is REALLY complicated to get working right, and it’s increasingly rare. Kerberos/AD (AD is just a integrated Kerberos/LDAP server) is the way to go.