[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Simple binds authenticating against Kerberos
Hi,
Digant Kasundra <digant@uta.edu> writes:
> Hello,
> I'm relatively new at mixing OpenLDAP and Kerberos so please bear with me. We have
> some apps that can only do simple binds to LDAP but we want to manage all our
> passwords in the Kerberos realm. I know there is a way to use SASL such that a
> person can get a ticket from kerberos and than use it to access LDAP.
> But lets say the person just does a simple bind to LDAP. Is there a way to tell
> OpenLDAP to use than username and password against Kerberos to see if it is valid?
> It seems the OpenLDAP manual parts that I've seen don't seem to address this (to my
> understanding).
There has been a solution on this list a couple of days ago, combining
the pam modules pam_ldap, pam_unix2 and pam_krb5. So if your system
supports pam, just change pam_krb5afs to pam_krb5
http://www.openldap.org/lists/openldap-software/200403/msg00224.html
-Dieter
--
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de