Generating krbPrincipalKey and krbPrincipalName out of known passwords
Petr Spacek
pspacek at redhat.com
Tue Jul 9 04:48:57 EDT 2013
Hello,
On 8.7.2013 18:20, Greg Hudson wrote:
> On 07/08/2013 07:08 AM, Maike Lorenz wrote:
>> Did someone know how i can transfer the userPasswords i allready have to
>> the needed attributes for Kerberos (krbPrincipalKey, krbPrincipalName)?
>> During the creation process i have the chance to get the plaintext value
>> out of nspmDistributionPassword.
>> It would be great if i could do this within the driver at the moment the
>> user will be created.
>> But i could use other methods as well.
I'm sorry for the advertisement :-)
FreeIPA project could be very interesting for you, if you don't insist on
OpenLDAP. FreeIPA supports user migration from other LDAP servers, including
password migration.
FreeIPA project integrates:
- LDAP server (389 DS)
- Kerberos KDC (MIT)
- optional CA (Dogtag)
- optional NTP
- web interface + XMLRPC + JSONRPI + Python API for all the pieces
See http://www.freeipa.org/ or ask mailing list freeipa-users at redhat.com.
The web site sucks, don't hesitate to ask freeipa-users if you can't find some
specific information or if you are unsure about your use case.
Have a nice day.
--
Petr^2 Spacek
More information about the Kerberos
mailing list