[Date Prev][Date Next] [Chronological] [Thread] [Top]

Kerberos + SASL question

To: openldap-software@OpenLDAP.org
Subject: Kerberos + SASL question
From: "Manel Euro" <euro_32@hotmail.com>
Date: Tue, 22 Mar 2005 17:19:45 +0000

Hello,

I am having problems understanding kerberos, LDAP and Cyrus SASL interaction.

I am using LDAP to store the users information like uid, home directory, grouid, geco (passwd without the password field). I have kerberos configured and working.

I understand that SASL is a layer that provides authentication mechanims to protocols like LDAP. By using GSSAPI, as soon as I get a Kerberos TGT I will be allowed to get a TGS for LDAP. However, if the LDAP directory holds my userid and groupid, necessary to pam_krb5, and if I need a TGT to access a TGS for ldap how will I be able to login.

If  I have the concepts wrong please let me know.

Regards,
Francisco

_________________________________________________________________ Don?t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/

Follow-Ups:
- Re: Kerberos + SASL question
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: Uid with '+' sign ?
Next by Date: Kerberos + SASL
Index(es):
- Chronological
- Thread