LDAP gateway for Kerberos

Donn Cave donn at drizzle.com
Sat Oct 30 00:08:35 EDT 2004

Quoth halford2069 at hotmail.com (talisman):
| is there such a thing as a ldap gateway for kerberos i.e.
| the ldap gateway piece of software accepts ldap searches and returns
| basic user info from kerberos, and accepts a bind and passes that
| through to kerberos and returns success/failure back to the ldap
| client?

You can find an LDAP implementation that supports Kerberos
authentication at http://www.openldap.org/ (plus Cyrus SASL),
and I imagine there are others.  Such an implementation would
allow a client to use Kerberos credentials to authenticate
during bind.

The part about basic user info from Kerberos is not so obvious,
inasmuch as, in general, there isn't any useful user info there.
Some, maybe most, environments that use Kerberos also have a user
database with all kinds of information, but if that's what you
want, you'll have to ask about that (hypothetical) database.

	Donn Cave, donn at drizzle.com

More information about the Kerberos mailing list