Using LDAP in place of .k5login

Simon Wilkinson simon at sxw.org.uk
Tue Oct 2 19:29:00 EDT 2007



>Does anyone have any mods to use LDAP to store the auth_to_local
>database? 

Somewhere or another I've got patches allowing this to be deferred to a daemon that's contacted through a Unix socket (library provides principal and username, dameon says yes or no). I never really got past prototyping this as a proof of concept, and we've never got round to using it in production, but I can dig out the code if anyone is interested. In the case you're discussing it would allow the LDAP lookups to be performed 'out-of-process'.

S.




More information about the Kerberos mailing list