Convert ldap user principal
Daniel Savard
daniel.savard at gmail.com
Thu Feb 9 16:10:20 EST 2012
Why not simply use the SASL authentication with GSSAPI and Mapping
authentication identities?
http://www.openldap.org/doc/admin24/sasl.html#Mapping%20Authentication%20Identities
-----------------
Daniel Savard
2012/2/9 Chris Hecker <checker at d6.com>
>
> You can do this pretty trivially with pure ldap, and something like perl
> or your favorite scripting language (with an ldap api), if I understand
> what you're trying to do. The krb5 stuff in the ldap entries are just
> regular ldap attributes, I've mucked with them manually in ldapvi
> before, moving krb attributes onto a separately created ldap entry, for
> example. As long as the krb5 username and realm aren't changing and you
> make sure you get everything, you should have no problems.
>
> Chris
>
> On 2012/01/26 11:43, Raffael Sahli wrote:
> > Hi
> >
> > How can I convert a principal which was created with -x
> > dn="cn=myuser,dc=exam,dc=com" on a ldap backend
> > into a normal principal located under
> > krbPrincipalName=myuser at MYREALM.COM,cn=MYREALM.COM,dc=exam,dc=com.
> > I have to convert all my user principals to "normal" principals.
> >
> > Thanks for your help
> >
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list