[Fedora-directory-users] pass thru authentication
Rich Megginson
rmeggins at redhat.com
Thu Nov 3 14:17:32 UTC 2005
We have a PAM pass thru plugin that allows you to pass through the
authentication request from FDS to PAM, and then to kerberos or whatever
you want. We use this internally to allow LDAP clients that can only do
simple BIND to use their Kerberos password. It's not compiled or
enabled by default, but it's pretty simple to do so.
http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/?root=dirsec
Derek T. Yarnell wrote:
> Does the Fedora DS or RHDS support pass thru authentication via SASL?
> For example, openldap can use --enable-spasswd at compile time to
> allow simple binds be accepted at the LDAP level and then
> authenticated with SASL (saslauthd in this example) to kerberos
> underneath and accept the bind.
>
> I need to have kerberos around for AFS but would like to be able to
> just use the LDAP directory as a way to authenticate clients that are
> not kerberized.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20051103/73a8e2a7/attachment.bin>
More information about the Fedora-directory-users
mailing list