Final DCE Shutdown Scheduled for January 7, 2009

| 1 Comment | 0 TrackBacks
Here's a notice that was circulated to various venues earlier, such as the l-nwop mailing list:

ITS to Terminate DCE Security Servers, January 7, 2009

On Wednesday, January 7, 2009, during the regularly scheduled maintenance window (5:00-7:00 a.m.), Information Technology Services (ITS) will terminate the Kerberos authentication servers that relied upon the former security technology. DCE once provided the security portion for the filesystem that formerly supported Penn State Access Account Storage Space (PASS), the Distributed File System (DFS). While PASS' use of DCE and DFS ended in July 2008 with the migration to the new filesystem and KDC security servers (see for details), some clients may still be using the DCE servers. Any native clients connected to/configured for the legacy servers will no longer work as of January 7.


Read the rest of the notice on

So with this change, we're finally shutting down DFS and DCE.  Yes, PASS no longer uses DFS, but some internal systems may still use DCE for authentication or DFS for storage.  This will all cease for good in January.

Also note, there may be some out there who configured systems for Penn State Access Account authentication via Kerberos using the old DCE based Kerberos servers.  They should take heed the warning from this note; their systems may stop working in January if the configuration is not updated to the new servers (listed on the above alert).

No TrackBacks

TrackBack URL:

1 Comment

As the alert update reads, the final shutdown was uneventful and on time.

So far, we have not witnessed or heard reports of any problems that we know are related to this. So far so good.

In some sense, it was a bit anticlimactic. But it does feel a little different to no longer carry the burden of a second authentication realm or the need to run another 40 servers we had the opportunity to shut down this morning. If nothing else, (and there is much else), this is another step towards a greener Blue and White.

Leave a comment

Search This Blog

Full Text  Tag

Recent Entries

Kerberos encryption types augmented
On Wednesday, January 6, 2010, we augmented the list of encryption types supported by the Access Account realm,, to…
Database behind Blogs (and other things) upgraded today ran without a hitch.  Yes, this post is part of the verification. ;-)…
Samba server upgrade
Starting October 20th, and ending this morning, we upgraded each of the 6 Samba (SMB/CIFS) PASS Gateways.  They now have…