[Date Prev][Date Next] [Chronological] [Thread] [Top]

can I use a kerberos ticket with ldapsearch (and ldap libraries)

I've searched for this, and found some info, but I'm still confused. 

If openldap was configured appropriately, can I bind to LDAP using a
kerberos ticket obtained with kinit?  I realize there are ACLs to deal
with, and kerberos support has to be turned on in ldap.  Right now I
have my manager entity have a kerberos password in the slapd.conf file. 
When I bind as manager and give the password, slapd is able to verify
that password using kerberos.  But can I init to that principal first
and then use ldapsearch?  If so, can I also use ldap libraries and
things like the php_ldap stuff with this ticket too?

I saw an option -k in ldapsearch, but that has to do with krb5 and
LDAPv2.  I'm trying to do an LDAPv3 system.

Any pointers to docs would be great.  I already have an LDAP system set
up (using kerberos for password verification) and Samba 2.2.2 working
great.  Just want to know about the kerberos ticket thing.


Public key available from http://students.cs.byu.edu/~torriem

Attachment: signature.asc
Description: This is a digitally signed message part