[Fedora-directory-users] Question re: {KERBEROS} syntax
Richard Megginson
rmeggins at redhat.com
Tue Jul 25 20:00:22 UTC 2006
Tom Ryan wrote:
>
> On 7/25/06 3:51 PM, "Richard Megginson" <rmeggins at redhat.com> wrote:
>
> Tom Ryan wrote:
> > Yes, but its not quite what I’m looking for. Using {KERBEROS} under
> > openldap, the ldap server would validate the supplied user/password
> > using kerberos..
> >
> > Unless I’m missing something, this won’t work for me..
> Are you attempting a SASL/Kerberos bind or a simple username/password
> bind? If the latter, you will need the PAM passthru auth plugin:
> http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec=1.4=auto
> <http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.4&view=auto>
> <http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.4&view=auto>
>
>
>
> That’s the general idea of what I want.. The problem is that users
> might not necessarily have an account on the box..
> Essentially a simple username/password bind that the fedora ds would
> then use kerberos to authenticate..
>
> That being said, it would appear that fedora ds does not have an equiv
> capability as the openldap server correct out of the box?
That is correct, but the pam passthru auth plugin will do what you want.
>
> Thanks for your very quick responses!
>
> Tom
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060725/e378619d/attachment.bin>
More information about the Fedora-directory-users
mailing list