Kerberos/LDAP Howto
Todd O'Bryan
toddobryan at gmail.com
Fri Sep 18 17:12:54 BST 2009
Thanks. I'll try to go through it. I hadn't found your tutorial
through the normal Googling.
I guess the one issue with not using Kerberos is that you can query
LDAP for the password hashes, which should ideally not be available to
anybody. On the other hand, as you said, if I can get LDAP working for
authorization and authentication, then I should be able to substitute
Kerberos for the authentication part fairly easily.
Todd
On Fri, Sep 18, 2009 at 1:00 AM, Asmo Koskinen <asmo.koskinen at arkki.info> wrote:
> Todd O'Bryan kirjoitti:
>
>> Does anyone have a very step-by-step how-to that they can suggest that
>> will get me from point A to point B with the least amount of pain?
>
> Have you seen this:
>
> https://help.ubuntu.com/community/UbuntuLTSP/OpenLDAP_NFS_SSL
>
> It uses SSL, not Kerberos.
>
> If you get openLDAP to work with that howto (SSL), you can turn Kerberos on
> later, I guess. Never try Kerberos by myself.
>
> Be very careful when dealing with PAM.
>
> ps. I wrote that, so I'm glad to hear how easy that howto is as a
> step-by-step howto.
>
> Best Regards Asmo Koskinen.
>
More information about the edubuntu-users
mailing list