Kerberos/LDAP Howto

Todd O'Bryan toddobryan at gmail.com
Fri Sep 18 17:12:54 BST 2009


Thanks. I'll try to go through it. I hadn't found your tutorial
through the normal Googling.

I guess the one issue with not using Kerberos is that you can query
LDAP for the password hashes, which should ideally not be available to
anybody. On the other hand, as you said, if I can get LDAP working for
authorization and authentication, then I should be able to substitute
Kerberos for the authentication part fairly easily.

Todd


On Fri, Sep 18, 2009 at 1:00 AM, Asmo Koskinen <asmo.koskinen at arkki.info> wrote:
> Todd O'Bryan kirjoitti:
>
>> Does anyone have a very step-by-step how-to that they can suggest that
>> will get me from point A to point B with the least amount of pain?
>
> Have you seen this:
>
> https://help.ubuntu.com/community/UbuntuLTSP/OpenLDAP_NFS_SSL
>
> It uses SSL, not Kerberos.
>
> If you get openLDAP to work with that howto (SSL), you can turn Kerberos on
> later, I guess. Never try Kerberos by myself.
>
> Be very careful when dealing with PAM.
>
> ps. I wrote that, so I'm glad to hear how easy that howto is as a
> step-by-step howto.
>
> Best Regards Asmo Koskinen.
>



More information about the edubuntu-users mailing list