Hi Andrew, Andrew Wiley wrote: > I'm wondering if Apache Directory Server would be suitable for use in a > Linux-based single sign on environment using both Kerberos and LDAP. It > looks like this server would be much easier to deploy and maintain than the > traditional OpenLDAP + Kerberos setup, which would make my life easier. > The deployment would be part of a project I'm doing as part of my high > school senior year independent study project, where I'm exploring/developing > a Linux equivalent of Windows Domains, so I'm not incredibly worried about > production testing.
Yes, in principle that should be possible. But I can't recommend to use it for production. I used and fixed the KDC server some month ago. I was able to setup the KDC, to obtain a TGT using kinit and to obtain a service ticket to access the LDAP server using GSSAPI from ldapsearch command line. I also implemented GSSAPI authentication in Studio and used the ApacheDS KDC for testing. The latest dokumentation I wrote is [1]. But I have to warn you about other documentation: either it is missing or outdated. It would be nice if you want to use it for testing purpose and if you could give feedback or even better if you could provide patches and documentation. Kind Regards, Stefan [1]http://directory.apache.org/apacheds/1.5/543-kerberos-in-apacheds-155.html
