I'm fairly sure the admin server does support or at least did at one
time, because I know Ive done it before at some of my previous jobs.
It may requier saslauthd to work but I cant remember the details. Its
been a few years since I did it last and I can't find the article that
explains how to do it.
On Tue, Mar 4, 2014 at 12:58 PM, Rich Megginson <rmeggins(a)redhat.com> wrote:
On 03/04/2014 10:26 AM, Paul Robert Marino wrote:
>
> On Tue, Mar 4, 2014 at 12:13 PM, Rich Megginson <rmeggins(a)redhat.com>
> wrote:
>>
>> On 03/04/2014 09:16 AM, Paul Robert Marino wrote:
>>>
>>> hello
>>> I know there use to be a document on doing this because I did it
>>> several years ago at a previous job but I cant seem to find it in the
>>> documentation now.
>>>
>>> I'm trying to make the the admin server accept Kerberos
>>> authentication.
>>
>>
>> From which applications?
>
> 389-console
I don't even know if that is possible, without changing the console and
admin server code.
>
>>> my kerberos servers are separate from my LDAP servers
>>> so this shouldn't cause an issue but I just cant find the doc on how
>>> to do it. I know I have to set KRB5_KTNAME in
>>> /etc/sysconfig/dirsrv-admin but beyond that Im just not sure.
>>> Do I need a specific principal in the key tab file other than
>>> ldap/<hostname>(a)<REALM.NAME> and do I need to set any other
options in
>>> the configuration?
>>>
>>> if any one knows the answer or know of a doc that describes it that
>>> would be extremely helpful.
>>> --
>>> 389 users mailing list
>>> 389-users(a)lists.fedoraproject.org
>>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users