active directory auth against MIT via AD-LDAP
Dave Botsch
botsch at cnf.cornell.edu
Wed Jun 27 17:32:20 EDT 2007
So, one can set up Active Directory to authenticate against a MIT kerberos
server by setting up the cross realm trust and filling in the
altsecurityidentities field - then one sees the MIT Kerb realm in the Active
Directory login box. Fine.
What about if I want to be able to authenticate to those MIT realms via that
trust when I am connecting to the active directory ldap interface? So far, I
haven't found any documentation on whether or not this works or requires
additional configuration.
So,
ldap bind to AD-LDAP via SSL
ldap client enters in kerberos uname and password
active directory receives the username and password and via its kerberos trust,
obtains a tgt for the user
user is now authenticated via AD-LDAP
Does this work?
thanks!
--
********************************
David William Botsch
Programmer/Analyst
CNF Computing
botsch at cnf.cornell.edu
********************************
More information about the Kerberos
mailing list