[Date Prev][Date Next] [Chronological] [Thread] [Top]

can I use a kerberos ticket with ldapsearch (and ldap libraries)



I've searched for this, and found some info, but I'm still confused. 

If openldap was configured appropriately, can I bind to LDAP using a
kerberos ticket obtained with kinit?  I realize there are ACLs to deal
with, and kerberos support has to be turned on in ldap.  Right now I
have my manager entity have a kerberos password in the slapd.conf file. 
When I bind as manager and give the password, slapd is able to verify
that password using kerberos.  But can I init to that principal first
and then use ldapsearch?  If so, can I also use ldap libraries and
things like the php_ldap stuff with this ticket too?

I saw an option -k in ldapsearch, but that has to do with krb5 and
LDAPv2.  I'm trying to do an LDAPv3 system.

Any pointers to docs would be great.  I already have an LDAP system set
up (using kerberos for password verification) and Samba 2.2.2 working
great.  Just want to know about the kerberos ticket thing.

Thanks,
Michael



-- 
Public key available from http://students.cs.byu.edu/~torriem


Attachment: signature.asc
Description: This is a digitally signed message part