[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: How does Openldap work with Cyrus SASL and MIT Kerberos V
"Le Trung Kien" <aloneattack@gmail.com> writes:
> As you know, on each client machine, I type "setup" and go in "Authentication
> Configuration" then fill up information about kerberos and ldap server.
> And so, my users could login our Kerberos&LDAP system.
>
> after login, users must get ticket to use ldap services by emit command :
> "kinit" then type their kerberos password. After get their tickets, they can
> use ldap services.
> I have tested this with "ldapwhoami" and get the proper user information
> (which belongs to ldap).
> And I have only password on Kerberos for each user.
> If I were wrong, please show me :)
> Could you explain to me how SASL gets involved in this ?
It is the SASL Mechanism GSSAPI that comes into the game. Your users
may connect to any network oriented service like smtp, imap, ldap by
calling the GSSAPI mechanism.
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6