Generating krbPrincipalKey and krbPrincipalName out of known passwords
Maike Lorenz
maike.lorenz at uni-jena.de
Mon Jul 8 07:08:28 EDT 2013
Hi,
i have a question about generating krbPrincipalKey and krbPrincipalName
out of known passwords.
We use Novell Identity Manager, the Novell eDirectory is our central
instance for identities.
I connected a OpenLDAP system to our eDirectory, as a destination
system. I used a LDAP driver for this connection.
The userPasswords are transported using nspmDistributionPassword. So i
have a SSHA hashed password in the destination system (OpenLDAP).
Now we want to use Kerberos on the OpenLDAP.
Did someone know how i can transfer the userPasswords i allready have to
the needed attributes for Kerberos (krbPrincipalKey, krbPrincipalName)?
During the creation process i have the chance to get the plaintext value
out of nspmDistributionPassword.
It would be great if i could do this within the driver at the moment the
user will be created.
But i could use other methods as well.
I try to find a way using GSS-API or krb5 API, but i could not found one
so far.
It would be great if someone could give me some hints.
Thanks a lot!
Kind regards,
Maike Lorenz
--------------------------------------------------------------------
Rechenzentrum der Friedrich-Schiller-Universitaet Jena
Am Johannisfriedhof 2
07743 Jena / Thueringen / Germany
More information about the Kerberos
mailing list