Authentication Windows client against Kerberos MIT and authorizing against OpenLDAP.

[Mendez, Franklyn]

Hello all,

 

I am thinking of configuring our Windows XP Prof workstation to
authenticate against our Kerberos servers. I have so far configured them
successfully though the use of ksetup.exe. I have mapped the user * to *
and it works well authorizing these users that have already been created
locally on the workstation. Ksetup can map 1 to 1 user and the use of
the wildcard * for all; obviously ksetup doesn't help me much in terms
of authorization.

 

My next step is using the Openldap to authorize them and better control
who logs into what workstation and manage group memberships.

 

In my online searches I found a lot of third parties directory services,
but many cost money. I want to use my existing LDAP setup.

We currently have Solaris, *nix, AIX and Red Hat Linux server being
authenticated and authorized by our KRB5 and LDAP DBs.

 

Have anyone done this before? can you guide me through the path?

 

Thank you in advance for your time and information,

 

Franklyn Mendez