Using LDAP in place of .k5login
simon at sxw.org.uk
Tue Oct 2 19:29:00 EDT 2007
>Does anyone have any mods to use LDAP to store the auth_to_local
Somewhere or another I've got patches allowing this to be deferred to a daemon that's contacted through a Unix socket (library provides principal and username, dameon says yes or no). I never really got past prototyping this as a proof of concept, and we've never got round to using it in production, but I can dig out the code if anyone is interested. In the case you're discussing it would allow the LDAP lookups to be performed 'out-of-process'.
More information about the Kerberos