[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP & Kerberos
>>>>> "Alexander" == Alexander Brinkman <eon@eon.za.net> writes:
Alexander> Hi all, I'm trying to setup LDAP with Kerberos
Alexander> authentication, and things are starting to work (after
Alexander> having read I don't know how many documents and
Alexander> archives ;)).
I wrote some stuff about this. I'm not finished yet, but maybe you can
find some pointers there...
http://www.bayour.com/kerberos/Kerberos-MiniHOWTO.html
Very Debian GNU/Linux oriented, but maybe you can see trough that :)
Alexander> When I do an ldapsearch, the results a what an
Alexander> anonymous user would also get.
If you just do 'ldapsearch -x ...' then yes, if you do 'ldapsearch -I ...'
then I guess it depends on how you have configured you ACL's...
Alexander> If so, is there a way to map/bind the Kerberos
Alexander> principal to a uid in the LDAP directory?
That's what I'd like to know to. I have the krb5PrincipalName attribute
for all my users, and I would like that that would be 'chased' back to the
correct principal and get the password from there...
--
Turbo __ _ Debian GNU Unix _IS_ user friendly - it's just
^^^^^ / /(_)_ __ _ ___ __ selective about who its friends are
/ / | | '_ \| | | \ \/ / Debian Certified Linux Developer
_ /// / /__| | | | | |_| |> < Turbo Fredriksson turbo@tripnet.se
\\\/ \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden