Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-20 Thread Eduardo Sachs
Hi, Look at this howto about Kerberized OpenLDAP, Samba PDC and Squid: http://eduardosachs.org/mediawiki/index.php?title=Heimdal_Kerberos_%2B_Samba_PDC_%2B_OpenLDAP_%2B_Squid_no_Debian_Etch []'s Wes Modes wrote: I am using SASL/GSSAPI to authenticate to Kerberos from OpenLDAP. I haven't

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-20 Thread Douglas E. Engert
Wes Modes wrote: Reason for this is that eventually, our campus kerberos service will be replaced with a secure LDAP auth. OH! Are you sure this is a good idea? (This is the Kerberos list) Are you looking at Samba or AD as the LDAP server? If so they both have Kerberos (Samba 4 does at least)

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-20 Thread Sebastian Hanigk
Douglas E. Engert [EMAIL PROTECTED] writes: As Jeff pointed out, not with GSSAPI. What you might be looking for is slapd code to take a username and password and do in effect a kinit and a verify tgt, or have a sasl plugin do it for you. I don't know of one. There is an ugly hack: having a

Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Wes Modes
I am using SASL/GSSAPI to authenticate to Kerberos from OpenLDAP. I haven't gotten that to work yet. Almost all of the docs I found presume that I am setting up the KDC on the same server as OpenLDAP. In my case, the KDC is administered by another group who is willing to grant me access to

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Douglas E. Engert
Wes Modes wrote: I am using SASL/GSSAPI to authenticate to Kerberos from OpenLDAP. I haven't gotten that to work yet. Are you saying you want to use SASL/GSSAPI/Kerberos between an ldap client and an ldap server? Almost all of the docs I found presume that I am setting up the KDC on the

Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Wes Modes
I am using SASL/GSSAPI to authenticate to Kerberos from OpenLDAP. I haven't gotten that to work yet. Almost all of the docs I found presume that I am setting up the KDC on the same server as OpenLDAP. In my case, the KDC is administered by another group who is willing to grant me access to

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Wes Modes
To clarify. To separate and modularize some of these services, we have three servers: A file server running Samba; A directory server running OpenLDAP to provide personal and group identities; and an authentication server running Kerberos (administered by another group). Samba connects to

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Jeffrey Altman
Wes Modes wrote: To clarify. To separate and modularize some of these services, we have three servers: A file server running Samba; A directory server running OpenLDAP to provide personal and group identities; and an authentication server running Kerberos (administered by another group).

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Wes Modes
Jeffrey Altman wrote: Wes Modes wrote: To clarify. To separate and modularize some of these services, we have three servers: A file server running Samba; A directory server running OpenLDAP to provide personal and group identities; and an authentication server running Kerberos

Re: Help with SASL/GSSAPI to remote Kerberos server

2008-02-19 Thread Jeffrey Altman
Let me rephrase what you are attempting to do. You want to authenticate the LDAP query from the Samba client to the OpenLDAP server by sending a username and password from Samba to OpenLDAP over a TLS protected connection using SASL. Instead of the LDAP server storing the password and using