Authentication Windows client against Kerberos MIT and authorizing against OpenLDAP.

Javier Palacios javiplx at gmail.com
Tue Jun 23 13:36:20 EDT 2009


Hello,

Besides samba, you could have a look to pGina. You have for sure ldap
authentication + authorization, but I don't remember a mixed
kerberos-ldap (I search that about two years ago)

There is also a Windows SSP that allowed you to do what you want, and
a couple of things you maybe are only thinking on, as create
authorized accounts on the fly. I'm not aware of improvements (again
since two years), but I did the work more or less nicely (needed to
patch to not remove local accounts if something fails). It is at
http://sc-ap.sourceforge.net/

I cannot tell you if any of these allow any kind of roaming profile,
in case you need it.

Javier Palacios



More information about the Kerberos mailing list