[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap proxy to kerberos

To: vadud3@gmail.com
Subject: Re: openldap proxy to kerberos
From: Dan White <dwhite@cafedemocracy.org>
Date: Mon, 7 Jan 2019 16:53:37 -0600
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <CAOHBbgUXsYhqXxWZuQ4=zJKgDeAR4tgBgYax=Po1BcNSbDteFg@mail.gmail.com>
References: <CAOHBbgUXsYhqXxWZuQ4=zJKgDeAR4tgBgYax=Po1BcNSbDteFg@mail.gmail.com>
User-agent: NeoMutt/20170609 (1.8.3)

On 01/07/19 16:18 -0500, vadud3@gmail.com wrote:

I am using openldap proxy today with ldap backend.

Any suggestions on how to use kerberos as the backend?

Here is my config (sanitized)

$ cat slapd.conf

### Database definition (Proxy to AD) #########################################
database                ldap
readonly                yes
protocol-version        3
rebind-as-user          yes
uri                     "ldaps://ldap.example.com:1636"
suffix                  "ou=People,dc=example,dc=net"


I'm not clear on where kerberos authentication fits scenario, but
the two pieces of documentation to start with would be the slapo-ldap
manpage, and the OpenLDAP Software 2.4 Administrator's Guide, section 14.5,
and chapter 15.

If that doesn't adress your question, please provide more detail, including
how your clients authenticate with the proxy server.

Follow-Ups:
- Re: openldap proxy to kerberos
  - From: vadud3@gmail.com

References:
- openldap proxy to kerberos
  - From: vadud3@gmail.com

Prev by Date: openldap proxy to kerberos
Next by Date: Re: openldap proxy to kerberos
Index(es):
- Chronological
- Thread