ldap-backend with kerberos

Greg Hudson ghudson at MIT.EDU
Wed Sep 9 11:08:31 EDT 2009

On Wed, 2009-09-09 at 06:12 -0400, Julian Thomé wrote:
> Hello mailing list,
> We want to integrate Kerberos with our existing 
> User-Authentication-System using PAM-LDAP thus ... we want to use ldap 
> as a backend for kerberos.
> That means that user data like password, username, uid etc. ist stored 
> in the LDAP-DB and we want kerberos to user this data.
> Is this possible in this way ?

Yes, this is possible in krb5 1.6 and later.  There are instructions in
the admin guide.  You may need a copy of the source tree to get
kerberos.schema from.

Setup can be a little tricky to get right, depending on how familiar you
are with your OpenLDAP setup.

More information about the Kerberos mailing list