[19289] in Kerberos
NEWBIE Question: Kerberos and LDAP
daemon@ATHENA.MIT.EDU (Rob Tanner)
Wed May 21 16:44:44 2003
Date: Wed, 21 May 2003 13:42:33 -0700
From: Rob Tanner <rtanner+kerberos@linfield.edu>
To: kerberos@mit.edu
Message-ID: <7180000.1053549753@oberon.linfield.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Reply-To: Rob Tanner <rtanner+kerberos@linfield.edu>
Errors-To: kerberos-bounces@mit.edu
Hi,
I'm an absolute newbie to kerberos trying to see how to fir it into our
network and existing authentication schemes. Currently, LDAP represents
the backend store for all passwords and users are authenticated against
the LDAP server. Maintenance of the LDAP user/password data is built into
our account management software, and numerous not-easily-kerberizable
applications will continue to depend on it. In kerberos, there is a user
principal (hoping my terminology is correct here) for each user in a
particular domain. What I want to know is whether I can configure the KDC
to validate the user credentials against the LDAP server as oppossed to
having to maintain another separate credentials store.
So far, a google search has turned up multiple descriptions of how to
authenticate to the LDAP server via kerberos, but nothing on how to use
LDAP as the backend store for the user principal credentials.
Thanks,
Rob
Rob Tanner
UNIX Service Manager
Linfield College
McMinnville, Oregon
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
