Hello. On 02/13/2013 05:53 AM, Asmaa Ahmed wrote:
I am having kerberos MIT integrated to LDAP as a backend which is good so far.The problem that I have some applications doesn't support Kerberos to restore the user credentials.
Do they support authentication with LDAP? If so, you can configure your LDAP server to use SASL to check the user passwords against Kerberos. See this article: http://thomas.dereyck.eu/wiki/Setting%20up%20an%20LDAP%20server#Enabling_pass-through_authentication_to_Kerberos
I wonder if I can decrypt the password from Kerberos server manually to have it in a plaintext,
As Chris said, that's a big security risk and completely defeats Kerberos' purpose. If the applications don't allow any external authentication, you might be able to find a plug-in that sits between the application and the DB that intercepts the auth requests and services them with SASL or Kerberos directly.
Sincerely, Sean M. Pappalardo Sr. Networks Engineer Renegade Technologies [email protected] Office: (630) 631-6188 http://www.renegadetech.com
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
