[Date Prev][Date Next]
Re: Simple binds authenticating against Kerberos
Digant Kasundra <firstname.lastname@example.org> writes:
> I'm relatively new at mixing OpenLDAP and Kerberos so please bear with me. We have
> some apps that can only do simple binds to LDAP but we want to manage all our
> passwords in the Kerberos realm. I know there is a way to use SASL such that a
> person can get a ticket from kerberos and than use it to access LDAP.
> But lets say the person just does a simple bind to LDAP. Is there a way to tell
> OpenLDAP to use than username and password against Kerberos to see if it is valid?
> It seems the OpenLDAP manual parts that I've seen don't seem to address this (to my
There has been a solution on this list a couple of days ago, combining
the pam modules pam_ldap, pam_unix2 and pam_krb5. So if your system
supports pam, just change pam_krb5afs to pam_krb5
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521