[389-users] MIT Kerberos and FDS integration
Rob Crittenden
rcritten at redhat.com
Tue Jul 21 02:33:33 UTC 2009
John Robert Mendoza wrote:
> Thanks for the reply Rob.
>
> I did manage to solve the error by changing the permissions on the
> ds.keytab file.
>
> I can finally do ldapsearch with gssapi. BTW, I was just wondering,
> would there be any way i can make ldap as the database for the kerberos
> principals.
>
> Isn't it that when get a ticket from kerberos it supposed to look into
> ldap for its principals?
Yes, MIT kerberos has an LDAP backend that you can use. You might want
to look into the IPA project at http://www.freeipa.org/ This is exactly
what it does (among other things). It might give you some pointers how
to configure things at a minimum.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090720/d4f23974/attachment.bin>
More information about the 389-users
mailing list