Re: Kerberos Integration (Was: Fedora Crypto Consolidation Project)

On 9/1/07, Nicolas Mailhot <nicolas.mailhot(a)laposte.net&gt; wrote: Let me tell you my experience. Around the first of this year, I decided to use kerberos+ldap to manage the machines in my research lab. After spending hours reading documentation and experimenting with kerberos and ldap separately, I got everything configured. It was only then that I discovered that libuser doesn't support kerberos+ldap. Not wanting to waste all that time, I eventually went with the solution to be found at http://jjames.fedorapeople.org/libuser/ (note to libuser maintainer: there is likely a bug in libuser that can and should be fixed; see that URL for a hint). However, there don't appear to be any warning signs anywhere telling people to watch out for the kerberos+ldap+libuser combination. At least, I've never seen any. Have you? I didn't try Fedora Directory Server; if I'm reading the web page correctly, I went through all this in the month before it hit Fedora Extras. The question is moot now since I no longer manage a research lab. -- Jerry James http://jjames.fedorapeople.org/