Kerberos-Gssapi-ldap-pam interaction
John Morris
john at butchwax.com
Wed Jun 18 20:02:41 EDT 2003
I'm using it for account management. The 'groupdn' feature is a nice
way to set a per host ACL for who's allowed login. Otherwise, between
nss_ldap and pam_krb5, it's not needed.
John
Balazs GAL <balsa at rit.bme.hu> writes:
> 2003-05-14, sze keltezéssel Jerome Walter ezt írta:
>
> > The first step i am trying to reach is to get this working :
> > auth -> Kerberos
> > account -> LDAP
> > password -> Kerberos
>
> I dont understand why you use pam_ldap?
>
> I think pam_krb5.sf.net for authentication and nss_ldap for
> authorization are a good pair for most unix domains.
>
> balsa
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
John Morris
+1-512-833-6004
More information about the Kerberos
mailing list