Updates
Latest Tweet
What's New?
Check out for latest innovation, a computer based training video collection
Like this Page
Kerberos: The Definitive Guide Review by Robert Pratte
Reasonably thorough introduction and guide, but needs updated
Like most O'Reilly titles, this book covers the general topics one needs to be conversant in a given topic. Take what you read, do a few web searches, experiment with the technology, discuss the concepts with others - this book will give you a solid foundation to get started. Moreover, like other O'Reilly topics one can see errata, etc. on the O'Reilly website. This book easily meets the high expectations one has of a book from this publisher: conversational tone, lots of hands-on examples, and broad coverage of applications using this technology.
There are really two areas where this book falls short: 1) while broad and general concepts of Kerberos are discussed, when the examples roll out little effort is given to explain the reasons behind settings, configurations, etc., and 2) as with many technology-related books this book could already use an update. In terms of the former issue, I can see that it is difficult to cover the logic behind various implementations of Kerberos. This book attempts to cover Kerberos implementations in Kerberos 4, Kerberos 5, MIT, Heimdal, Windows, and a bit of Mac OS X, as well as various applications that can use Kerberos such as Cyrus, OpenSSH, and Reflection. There is a lot of material here: each of these applications could easily warrant an O'Reilly book of their own. Moreover, these applications change over time (and rather short times, at that). Thus, the second complaint: particularly in terms of OS X this book could use an updated version, though the majority of the text is still relevant.
To summarize a bit here, if you are looking for cutting-edge info on security, implementation (such as in OS X), or applications, then this book will fall a bit short. Further, if you are already well-versed in the Kerberos liturgy, there will be little to excite you here (though there may be some golden nuggets). However, if you are a manager, someone who needs to quickly assimilate the vast information on Kerberos, or a junior system administrator then this book will be a valuable guide for you. While it lacks the lowest levels of detail on Kerberos, this book should provide enough detail for the astute reader to find their way.