Thanks Rob.
I have looked into the Free IPA project and somehow I just want to setup
Kerberos 1.6 with its principal database in FDS 1.2.0.
Isnt it that when I add an entry to the FDS and try to kinit with the name of
the entry i just added, is kerberos supposed to give me a ticket?
John Robert Mendoza
--- On Tue, 7/21/09, Rob Crittenden <rcrit...@redhat.com> wrote:
From: Rob Crittenden <rcrit...@redhat.com>
Subject: Re: [389-users] MIT Kerberos and FDS integration
To: "General discussion list for the 389 Directory server project."
<fedora-directory-users@redhat.com>
Date: Tuesday, 21 July, 2009, 10:33 AM
John Robert Mendoza wrote:
> Thanks for the reply Rob.
>
> I did manage to solve the error by changing the permissions on the ds.keytab
> file.
>
> I can finally do ldapsearch with gssapi. BTW, I was just wondering, would
> there be any way i can make ldap as the database for the kerberos principals.
>
> Isn't it that when get a ticket from kerberos it supposed to look into ldap
> for its principals?
Yes, MIT kerberos has an LDAP backend that you can use. You might want to look
into the IPA project at http://www.freeipa.org/ This is exactly what it does
(among other things). It might give you some pointers how to configure things
at a minimum.
rob
-----Inline Attachment Follows-----
--
389 users mailing list
389-us...@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
Connect instantly with more friends on your blog and personal website?
Create your latest Pingbox today! http://ph.messenger.yahoo.com/pingbox--
389 users mailing list
389-us...@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
