I did this whole dance a while ago, getting ldap+samba+kerberos opertaing together, based off Turbo's guide. As I do it over again, I note that there seem to be more options out there. What are best practices and best bets for how to architect this setup? I'm mainly interested in how and where passwords are stored; I'm fairly sure I'm going to stick with kerberos serving as the chief authentication system, not running kerberos off ldap backend.
Is it still mainly all about having [EMAIL PROTECTED] in userPassword? I noticed Turbo's guide never gives LDAP a keytab entry. His setup didnt require LDAP to do any writing to kerberos, so it was unnecessary. Is this still the case? Of note, I do plan on running the KX509 / KCA setup off this at some point in the not too distant future. I'm running Heimdal and OpenLDAP 2.3. Seems to be going well so far. Much easier than I remember... so far. There's also better resources online. Thanks Rektide ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
