[24569] in Kerberos

home help back first fref pref prev next nref lref last post

daemon@ATHENA.MIT.EDU (Kent Wu)
Wed Aug 31 17:37:10 2005

From: Kent Wu <kwu@xsigo.com>
To: kerberos@mit.edu
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Date: Wed, 31 Aug 2005 14:29:23 -0700
Message-Id: <1125523763.11580.62.camel@jurassic.mvcorp.xsigo.com>
Mime-Version: 1.0
Errors-To: kerberos-bounces@mit.edu

Hi guys,

Does anyone have experience on this to share? 
I've set up a SUN LDAP server and it's running fine by 
using simple authentication so far. Of course I want to
make it more secure (to protect the password while binding 
to LDAP server) so I'm thinking either MD5-Digest or Kerberos.
However looks like SUN LDAP itself doesn't have kerberos 
abilities and I have to install SEAM (Sun Enterprise Authentication
Mechanism) separately to enable Kerberos..... 

   So I was thinking that if I can easily configure SUN LDAP to 
use MD5-digest then that should be the easiest however it seems 
that I have to store the password as plain-text in LDAP
server to enable MD5-digest and I don't want to do that (Let 
me know if there are other easier ways to enable MD5-digest). 

   So my question is that is it pretty easy to enable Kerberos 
for SUN LDAP after installing SEAM? Or can SUN LDAP use other 
KDC as well? 	 

Thanks a lot in advance !

P.S, I know LDAPS (LDAP over SSL) can easily achieve my goal 
however I kinda think it's an overkill since I don't really 
need to protect all the LDAP transactions except for the 
password part...

-Kent
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post