[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: LDAP/Kerberos user management
Umm, sorry about my last message, I intended it to go to the Kerberos
mailing list...
But anyway, thanks for the responses. We may end up writing a few scripts
for this; the data from the website will be directly loaded into an Oracle
db, so that may be one way to go. A few leads I received from the kerberos
site also might prove worthwhile.
Thanks again -- John
-----Original Message-----
From: Al Lilianstrom [mailto:al.lilianstrom@fnal.gov]
Sent: Friday, August 23, 2002 4:47 AM
To: John Green
Cc: Openldap-Software (E-mail)
Subject: Re: LDAP/Kerberos user management
We did something like this. A Oracle application drives a couple of
scripts when a new user is added to a particular database. One script
issues kadmin scripts to add the user to the MIT KDC. The second script
uses the OpenLDAP tools ldapsearch and ldapmodify to add the same user
to Active Directory. Kerberos is used for authentication all around so
there are no passwords going over the network at any time.
al
John Green wrote:
>
> Hi, I am trying to find a method for a principal automatically being
created
> in a Kerberos database while at the same time adding a corresponding entry
> to an LDAP database. Has anyone heard of or is anyone using something
like
> this? I have found some utilities for sale on the web (some might even
> work), just looking for alternatives. I am trying to automate the
creation
> of username/password/ldap_entry/Kerberos_principal/customer_web_site,
which
> the customer will be able to accomplish without IT intervention from a
> common web site.
>
> Thanks for any help or advice -- John
--
Al Lilianstrom
CD/OSS/CSI
Al.Lilianstrom@fnal.gov