[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Mapping userPassword to Kerberos 5

To: openldap-software@OpenLDAP.org
Subject: Re: Mapping userPassword to Kerberos 5
From: Frank Swasey <Frank.Swasey@uvm.edu>
Date: Wed, 6 Aug 2003 13:19:57 -0400 (EDT)
In-reply-to: <3F3116EF.D819920F@siumed.edu>
References: <1060171844.9814.28.camel@bkrein.pmctechnologies.com> <20030806141423.GG12198@ns.snowman.net> <3F3116EF.D819920F@siumed.edu>

Today at 9:55am, Paul M Fleming wrote:

> --enable-kpasswd is a viable option in some environments. We don't allow
> users to directly bind to LDAP BUT we have some commercial applications
> that don't understand Kerberos directly but DO understand LDAP + SSL/TLS
> for authentication.

This is pretty much the same boat I'm in.  I have the added requirement
to allow people (users) to directly bind to LDAP, but I require they
have an SSL connection to do so (yes, I'm aware that they can try and
send their password in the clear across the net even though it won't be
successful).

F

Follow-Ups:
- RE: Mapping userPassword to Kerberos 5
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- Mapping userPassword to Kerberos 5
  - From: Benjamin Krein <superbenk@superk.org>
- Re: Mapping userPassword to Kerberos 5
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Mapping userPassword to Kerberos 5
  - From: Paul M Fleming <pfleming@siumed.edu>

Prev by Date: RE: More password questions
Next by Date: Re: acl problem Insufficient access
Index(es):
- Chronological
- Thread