[Date Prev][Date Next]
Re: gssapi, sasl, pam interaction
Adrian Worthington wrote:
what i can't figure out is how to hold directory information
in the ldap server, the password in kerberos and setup pam_ldap to use
the password given to the login process to aquire a ticket from the
AFAIK that is what pam_krb5 does.
and have ldap/sasl-gssapi use the identity based on theThat would mean, pam_ldap and nss_ldap have to support SASL/GSSAPI to
bind with your kerberos credentials to the directory, I don't think it
is possible/supported (would be nice anyway).
kerberos authentication to retrieve all the neccessary account and user
information from the ldap server (shell, user, uidnumber etc.).
anybody has setup this configuration could they please outline the
steps taken to setup pam_ldap and the pam.d/login (or system-auth)
thanks in advance