[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap in heterogenous environment

To: openldap-software@OpenLDAP.org
Subject: Re: ldap in heterogenous environment
From: David Smith <DavidSmith@byu.net>
Date: Sat, 19 Apr 2003 18:23:33 -0600
In-reply-to: <30064.1050788338@www60.gmx.net>
References: <30064.1050788338@www60.gmx.net>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312

I can confirm that those rumors are true. We are doing just that (including Kerberos) at my place of employment. There is one caveat: your NT passwords must be stored as hashes in LDAP rather than in Kerberos. The Samba PDC authenticates to those rather than to kerberos in our setup.

--Dave

suffocator@gmx.de wrote:

hi group,
i hope this is the right place for this topic. in short: i´m trying to set up a rather complex environment using ldap for authorization/authentication with clients like w2k, aix, solaris and linux using
1) ldap server as _main_ directory service (based on linux/openldap)
2) kerberos server for storing passwords (based on linux/kerberos)
3) w2k ads based on 1) (obviously based on w2k)
4) sudo server for unix users/permissions
|W2K-CLIENT| -> auth -> |ADS| -> \ -> auth -> |LDAP-SERVER| -> password -> |KERBEROS-SERVER| |UNIX-CLIENT| -> auth -> -> -> ->/ \ -> permissions -> |SUDO-SERVER|

rumors say that it is possible, but after a long journey through the web i did not find anything concrete to solve this problem. does anyone have any experience with ldap in heterogenous environments? is there some kind of cookbook or howto? at the moment it seems to become very difficult, especially merging w2k/ads and ldap...
thanks in advance,
magnus

Follow-Ups:
- Re: ldap in heterogenous environment
  - From: Jerome Walter <walter+openldap@efrei.fr>

References:
- ldap in heterogenous environment
  - From: suffocator@gmx.de

Prev by Date: ldap in heterogenous environment
Next by Date: [no subject]
Index(es):
- Chronological
- Thread