I've searched for this, and found some info, but I'm still confused. If openldap was configured appropriately, can I bind to LDAP using a kerberos ticket obtained with kinit? I realize there are ACLs to deal with, and kerberos support has to be turned on in ldap. Right now I have my manager entity have a kerberos password in the slapd.conf file. When I bind as manager and give the password, slapd is able to verify that password using kerberos. But can I init to that principal first and then use ldapsearch? If so, can I also use ldap libraries and things like the php_ldap stuff with this ticket too? I saw an option -k in ldapsearch, but that has to do with krb5 and LDAPv2. I'm trying to do an LDAPv3 system. Any pointers to docs would be great. I already have an LDAP system set up (using kerberos for password verification) and Samba 2.2.2 working great. Just want to know about the kerberos ticket thing. Thanks, Michael -- Public key available from http://students.cs.byu.edu/~torriem
Attachment:
signature.asc
Description: This is a digitally signed message part