[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using OpenLDAP 2.0.7 for authentication

On Sun, 29 Apr 2001, John Humphrey wrote:
> My intentions for LDAP is to utilize it for authenticating services as well 
> as a user directory.  I want to use Kerberos as the encryption scheme.

First you need to get some terms straightened out.  Kerberos *uses*
encryption but doesn't *provide* it; it is an authentication mechanism
itself.  OpenLDAP knows how to use Kerberos to authenticate bind requests,
if you set it up to do that.

>                                                                        I'm 
> having trouble adding groups. Each time I attempt to create an LDIF import 
> file contaning group objects I get error messages.

What do they say?

>                                                     How do you create 
> groups? I've been successful is creating Organizations, Organizational 
> Units, and Users (the Person OjbectClass). Also, how do I assign users (the 
> Person objectclass) passwords?

If you're using Kerberos to authenticate users, you assign the passwords
using Kerberos and OpenLDAP has no contact with passwords.

Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
Make a good day.