NEWBIE Question: Kerberos and LDAP

Rob Tanner rtanner+kerberos at linfield.edu
Wed May 21 16:42:33 EDT 2003


Hi,

I'm an absolute newbie to kerberos trying to see how to fir it into our
network and existing authentication schemes.  Currently, LDAP represents
the backend store for all passwords and users are authenticated against
the LDAP server.  Maintenance of the LDAP user/password data is built into
our account management software, and numerous not-easily-kerberizable
applications will continue to depend on it.  In kerberos, there is a user
principal (hoping my terminology is correct here) for each user in a
particular domain.  What I want to know is whether I can configure the KDC
to validate the user credentials against the LDAP server as oppossed to
having to maintain another separate credentials store.

So far, a google search has turned up multiple descriptions of how to
authenticate to the LDAP server via kerberos, but nothing on how to use
LDAP as the backend store for the user principal credentials.

Thanks,
Rob
  
Rob Tanner
UNIX Service Manager
Linfield College
McMinnville, Oregon



More information about the Kerberos mailing list