Kerberos OpenLDAP Frontend
Jonathan Javier Cordoba Gonzalez
jcordoba at uniandes.edu.co
Tue Sep 25 09:59:57 EDT 2007
Hi Douglas,
I actually try to use the LDAP to store the KDC data... I guess that it
means more performance and administrative...
Jonathan Córdoba
Certified Ethical Hacker (CEH)
GIAC Certified Forensics Analyst (GCFA)
CompTIA Security+ Certified Professional
Ing. Seguridad Universidad de los Andes
Dirección de Tecnologías de Información (D.T.I.)
Bogotá - Colombia
-----Original Message-----
From: Douglas E. Engert [mailto:deengert at anl.gov]
Sent: Martes, 25 de Septiembre de 2007 08:56 a.m.
To: Jonathan Javier Cordoba Gonzalez
Cc: kerberos at mit.edu
Subject: Re: Kerberos OpenLDAP Frontend
Jonathan Javier Cordoba Gonzalez wrote:
> Hi,
>
>
>
> Im confuse about the openldap frontend
>
>
>
> Anybody have a guide, tutorial or a step-by-step procedure in order to
make
> the connection, create the initial LDAP DB and how it works??
>
>
>
> I dont understand the sequence when a user wants authenticate
You may be confusing the LDAP used by the KDC to store it data,
and an LDAP used by something like nss-ldap that stores what
would have been found on /etc/passwd or NIS.
So kinit and pam_krb5 can do the authentication as they always have,
to the KDC, then when kinit or pam_krb5 calls getpwnam this calls
the nss-ldap routines via /etc/nsswitch.conf.
>
>
>
> Thanks a lot.
>
>
>
> Jonathan Córdoba
>
> Certified Ethical Hacker (CEH)
>
> GIAC Certified Forensics Analyst (GCFA)
>
> CompTIA Security+ Certified Professional
>
> Ing. Seguridad Universidad de los Andes
>
> Dirección de Tecnologías de Información (D.T.I.)
>
> Bogotá - Colombia
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list