Thanks Russ.

>Given your platform constraints and desire to avoid Active Directory, I
>think Cosign is definitely your best option. However, I believe that you
>will need a UNIX server to run the Cosign login daemon, even though you
>can use IIS for specific web applications. I could be wrong, since I
>don't run it myself, but you should check on that if that will be a
>problem.


Is the Unix server for a cron job? If so, then there are some
resources that can maybe run this job on IIS. I'm not quite sure, but from
what I've read there are some out there. Let me know if those sound bogus
or if you think it can be done.

Thanks again

On 7/17/08, Russ Allbery wrote:
>
> "Sharad Desai" writes:
>
> > Also, (I'm not sure how familiar people are with Cosign) since Cosign
> > transforms Kerberos authentication to a cookie-based authentication
> > which the browsers can use, I was wondering if you have had any
> > experience with this.

>
> Given your platform constraints and desire to avoid Active Directory, I
> think Cosign is definitely your best option. However, I believe that you
> will need a UNIX server to run the Cosign login daemon, even though you
> can use IIS for specific web applications. I could be wrong, since I
> don't run it myself, but you should check on that if that will be a
> problem.
>
> --
> Russ Allbery (rra@stanford.edu)
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>