[Date Prev][Date Next] [Chronological] [Thread] [Top]

Multiple Kerberos Domain

To: openldap-software@OpenLDAP.org
Subject: Multiple Kerberos Domain
From: "Gustavo Rios" <rios.gustavo@gmail.com>
Date: Sat, 25 Feb 2006 00:24:00 -0300
Content-disposition: inline
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=RdrwqYxa25eN7mUpuXGbZUF0M6MKGM/BMu6ocZt8n5ZgwVQ+crfWOHXagt2X3UgS1VPQvFBiRwOCmEa9QRbNGHlKHfmRFqTW6+Ngq8vaQPREUQnHAPjIdyESrUPb7az9wbrDcWFzNf5tTMMuAfEKWlmlM+I1qQOfJ6VqAlDE09E=

In order ro reduce costs, i have a single machine server handling a
set of kerberos domains
One domain for each of my clients. Now some client want to have access
to OpenLDAP service.

My initial ideia is to create a "root" node for each client and have
access to anything below this node being authenticated under the
client kerberos domain. For instance:

*,o=org_0  will authenticate against kerberos realm org_0.com
*,o=org_1 will authenticate against kerberos realm xxx.net

So, i would have to create a ldap/xxx@realm for each of the realm
kerberos. Does openldap support such? If not, how could i handle this
task ?

Thank you a lot.

Prev by Date: Re: OpenLDAP not listening on port 389
Next by Date: slapindex performance?
Index(es):
- Chronological
- Thread