Archives
  Columns
  Features
  Print Archives
1994-1998
  Special
  BYTE Digest
  Michael Abrash's Graphics Programming Black Book
  101 Perl Articles
  About Us
  How to Access BYTE.com
  Write to BYTE.com
  Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE   REGISTER
Visit the home page Browse the four-year online archive Download platform-neutral CPU/FPU benchmarks Find information for advertisers, authors, vendors, subscribers Request free information on products written about or advertised in BYTE Submit a press release, or scan recent announcements Talk with BYTE's staff and readers about products and technologies

ArticlesComparing NNTP Access-Control Methods

October 1997 / Web Project / Next-Generation Servers / Comparing NNTP Access-Control Methods

Method: Based on Windows NT local or domain security

Server: Microsoft INS

Pros:

  • Leverages your understanding of NT security. If you know how to set permissions on file-system folders, you know how to govern access to newsgroups.
  • Leverages the existing user/group database. If you've already populated a domain da tabase, you can reuse those names when configuring NNTP security.

Cons:

  • Works only on NT.
  • Every NNTP user needs an NT domain account. Not a problem for your staff, usually. But if you park an NNTP server on the Internet so that your staff can collaborate with the outside world, you'll have to create one or more accounts for these outside users. That's scary.
  • Access schemes are tied to file systems. If you want to migrate conferences from one NT box to another, you have to migrate a file-system subtree and all its associated permissions. If you want to temporarily disable authentication, you're stuck. Recursively granting full access to everyone is a one-way transformation from which you cannot easily recover.

Method: Based on local or remote LDAP database

Server: Netscape Collabra

Pros:

  • Works on all Netscape-supported OSes.
  • Doesn't export OS accounts to Internet users.
  • Supports client authentication. If you specify a mapping between a field of a client certificate (e.g., Common Name) and an LDAP attribute (e.g., user name), you can dispense with user-name/password log-ins and control access entirely by means of certificates.

Cons:

  • You have to learn how to use the local LDAP database bundled with Netscape servers or else acquire, install, and learn how to use a Netscape or third-party directory server.
  • You have to populate the LDAP directory; there's no migration tool for capturing existing OS-based accounts.
Up to the Web Project section contentsGo to previous article: Comparing NNTP Access-Control MethodsSearchSend a comment on this articleSubscribe to BYTE or BYTE on CD-ROM  
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it is theoretical--and no language better exemplifies this than C++.

more...

BYTE Digest

BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin, and dozens of other CMP publications—bringing you critical news and information about wireless communication, computer security, software development, embedded systems, and more!

Find out more
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE Volume 1: Programming Languages
The Best of BYTE
Volume 1: Programming Languages
In this issue of Best of BYTE, we bring together some of the leading programming language designers and implementors...

Copyright © 2005 CMP Media LLC, Privacy Policy, Your California Privacy rights, Terms of Service
Site comments: webmaster@byte.com
SDMG Web Sites: BYTE.com, C/C++ Users Journal, Dr. Dobb's Journal, MSDN Magazine, New Architect, SD Expo, SD Magazine, Sys Admin, The Perl Journal, UnixReview.com, Windows Developer Network