Kerberos w/LDAP
Russ Allbery
rra at stanford.edu
Fri Jan 6 01:16:28 EST 2006
Rodrick Brown <rbrown[@]doitt.nyc.gov> writes:
> In my previous enviornment we used only LDAP to store username,
> passwords, automaps for nfs etc.. when ever a user logged into a system
> his/her home directory was mounted from a nfs server, I would like to
> simulate this behaving using kerberos and ldap some how? What is
> confusing me is the fact that instead of LDAP, kerberos will now be my
> authentication db and from i've been reading there is no way centralize
> way to store this infromation in kerberos, is there a way to keep
> authentication information in kerberos and store the other infromation
> in LDAP and have this work in a reasonable and managable way?
Sure. None of that is authentication information. Use a Kerberos PAM
module for authentication (or software that supports Kerberos
authentication via GSSAPI or the like) and use an LDAP nsswitch module to
retrieve the othe information.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list