[Date Prev][Date Next]
RE: Kerberos + SASL question..
I am having problems understanding kerberos, LDAP and Cyrus SASL
I am using LDAP to store the users information like uid, home directory,
grouid, geco (passwd without the password field).
I have kerberos configured and working.
I understand that SASL is a layer that provides authentication mechanims to
protocols like LDAP. By using GSSAPI, as soon as I get a Kerberos TGT I will
be allowed to get a TGS for LDAP. However, if the LDAP directory holds my
userid and groupid, necessary to pam_krb5, and if I need a TGT to access a
TGS for ldap how will I be able to login.
If I have the concepts wrong please let me know.
On the road to retirement? Check out MSN Life Events for advice on how to
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement