Kerberos & LDAP

Rachel Elizabeth Dillon red at MIT.EDU
Tue Oct 19 19:12:57 EDT 2004


Kerberos and LDAP are very very different things. If they were animals,
one would be a dog and one would be something very different, like maybe
a lemur. Basically, Kerberos is an authentication service which uses
strong encryption to guarantee the authentication of users and hosts.
LDAP, on the other hand, is a database protocol that is often used to 
store hierarchical directory information.

For the most part they have different purposes, though sometimes they 
can be used in concert to have an authenticated and encrypted database
of directory information. You can sort of use LDAP for authentication,
though it is much like teaching a lemur to fetch (really strange and
awkward). You cannot use Kerberos as a directory database; dogs do not
climb trees.

To learn more about Kerberos, try the excellent Kerberos FAQ at:
http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html

To learn more about LDAP, try this LDAP FAQ (one of many) at:
http://www.openldap.org/faq/data/cache/3.html

Best of luck. 

-r. 


On Tue, Oct 19, 2004 at 09:32:18AM -0400, Cindi Howson, ASK wrote:
> Can you point me to any resources that explain how Kerberos is different /
> similar to LDAP?
> 
> Thanks,
> 
> 
> Cindi Howson
> Analytic Solutions Know-How (ASK)
> Howson, Myers, Holumn (HMH)
> www.askcindi.com, www.biscorecard.com
> 973-726-3754
> 
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20041019/5bf29a17/attachment.bin


More information about the Kerberos mailing list