[29862] in Kerberos
Open LDAP VS Kerberos : help needed
daemon@ATHENA.MIT.EDU (Anshuman Hazarika)
Thu May 22 09:08:58 2008
Date: Thu, 22 May 2008 11:18:47 +0000 (GMT)
From: Anshuman Hazarika <anshuman_hazarika@yahoo.co.uk>
To: Kerberos@mit.edu
MIME-Version: 1.0
Message-ID: <207198.37257.qm@web27901.mail.ukl.yahoo.com>
Cc: anshuman.hazarika@ftindia.com
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
I now know that we can make kerberos use openldap as its data store backend, but only with heimdal as our kdc, not mit kerberos.
I have read somewhere that with openldap you can add krb5Principal object class and krb5principalName attribute to your users to allow them to use credentials they get from kerberos to bind to the tree and change stuff.
In such a case would the kerberos db and the open ldap db be seperate? Can we have a setup like this in which both the kerberos db and openldap db are diffrent but we bind to the openldap tree using kerberos credential?
Any help to clarify my concepts in this regard would be appreciated.
Anshuman Hazarika
Mobile 9821434383
Vipassana can change u'r life. Do give it a try.
www.dhamma.org
__________________________________________________________
Sent from Yahoo! Mail.
A Smarter Email http://uk.docs.yahoo.com/nowyoucan.html
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
