[Date Prev][Date Next]
Re: Using OpenLDAP 2.0.7 for authentication
On Mon, 30 Apr 2001, Mark H. Wood wrote:
> On Sun, 29 Apr 2001, John Humphrey wrote:
> > My intentions for LDAP is to utilize it for authenticating services as well
> > as a user directory. I want to use Kerberos as the encryption scheme.
> First you need to get some terms straightened out. Kerberos *uses*
> encryption but doesn't *provide* it; it is an authentication mechanism
> itself. OpenLDAP knows how to use Kerberos to authenticate bind
> requests, if you set it up to do that.
That's not exactly true. The Kerberos libraries (last I looked) do provide
encryption functions (i.e., mk_priv()); however, you don't want to use
> > having trouble adding groups. Each time I attempt to create an LDIF import
> > file contaning group objects I get error messages.
> What do they say?
> > How do you create
> > groups? I've been successful is creating Organizations, Organizational
> > Units, and Users (the Person OjbectClass). Also, how do I assign users (the
> > Person objectclass) passwords?
> If you're using Kerberos to authenticate users, you assign the passwords
> using Kerberos and OpenLDAP has no contact with passwords.
> Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu
> Make a good day.