On 11/9/05 9:15, Hirmke Michael <[EMAIL PROTECTED]> wrote: > Hi *, > >>> Hi *, >>> >>> another question - this time regarding the use of Net:LDAP >> on a Windows >>> machine. >>> When running on a Windows XP workstation, which is member >> of a Windows >>> 2003 >>> domain, is there any way to use the "integrated security", >> i.e. bind to >>> a >>> DC without using any credentials besides the ones of the >> logged in user? >>> Or is there any SASL mechanism, which would support this? >> >> This sounds like Kerberos. I don't know if there's a way to >> get (and use) >> your Kerberos ticket in perl and Authen::SASL. > > thx for your answer. > Yes, I also thought about using Kerberos, but at the moment I have > no idea how to get this going.
Kerberos is essentially what the SASL GSSAPI mechanism uses, but now I'm really running out of knowledge :-) > Is there anyone on this list, who can point me into the right > direction? > > Another possibility would be to use NTLM somehow - but same thing here: > No idea how to implement it. Again, there's an NTLM SASL mechanism. But that needs a password from the user, so I don't think it'll help you. (It is also quite insecure compared to things like Digest-MD5, so if you can use that mechanism you should.) Cheers, Chris
