I am trying to get my head wrapped around securing LDAP so please forgive me this n00b questions. My final goal is to replace our current NFS+NIS with NFS+LDAP+[Kerberos] set up.
I see by default OpenLDAP clients are authenticating via SASL. I also see the Kerberos can be used with SASL. Could somebody point me to a document describing pros and cons of Kerberazing SASL on "secure" network? As described in an earlier e-mail I opted for OpenBSD stack LDAP server and I would use stack Kerberos server. Thanks, Predrag