I'm going to assume you are running Linux. I do LDAP with NSS and
Kerberos with PAM. No, you don't tell LDAP to verify with the {kerberos}
property. Thats a security risk. MIT Kerberos cannot use LDAP as a backend.
Heimdal Can. There is a schema in LDAP called kerberosecurityobject,
That is what would hold MIT Kerberos Credentials IF MIT Kerberos
supported LDAP. Heimdal has its own Schema.GSSAPI applies to Samba, PostFix, Apache, and SSH with Kerberos support SASL with GSSAPI applies to OpenLDAP Authenticating autonymously against another OpenLDAP for reasons of replication. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
