[Freeipa-users] bind-dyndb-ldap: using keytabs for auth to ldap
Brendan Kearney
bpk678 at gmail.com
Tue Apr 1 19:34:19 UTC 2014
> Hello!
> Before I dive into details, please read about the following bug:
> https://fedorahosted.org/bind-dyndb-ldap/ticket/134
>
> I just found it, fixed it and I'm attaching patch for you so you don't need to
> wait for a new release :-)
thanks, but i am not sure how to apply patches.
> Your LDAP server will get the whole principal and it is up to the server how
> it will map it to some existing entity.
what do you do on the IPA side? did you follow some best practice? i
am trying not to reinvent the wheel.
> BTW documentation about named.conf syntax is in README:
> https://git.fedorahosted.org/cgit/bind-dyndb-ldap.git/plain/README
as well as in the package. i did consult the doc.
> Let us know if you encounter any problem.
certainly will.
> BTW did you see FreeIPA project? It integrates LDAP+Kerberos with management
> tools and nice user interface and solves Microsoft AD integration.
>
> Maybe it could save you some headaches ...
not a big fan of 389, as it is a fork of openldap, though RH has done
some nifty things with it (dogtag, IPA, etc). i am a bit of a purist,
that's all. also, this is a learning exercise for me. i am trying to
understand the inner workings of each of the pieces and see how they
interoperate with each other.