[Fedora-directory-users] Question re: {KERBEROS} syntax
Richard Megginson
rmeggins at redhat.com
Tue Jul 25 20:22:54 UTC 2006
Tom Ryan wrote:
>
>
>
> On 7/25/06 4:00 PM, "Richard Megginson" <rmeggins at redhat.com> wrote:
>
> >
> > That being said, it would appear that fedora ds does not have an
> equiv
> > capability as the openldap server correct out of the box?
>
> That is correct, but the pam passthru auth plugin will do what you
> want.
>
>
> I’m confused.. It would appear that while it would do something
> (albeit similar), it would not do what I want..
>
> I.e. Allow me to authenticate a user (irregardless of whether they
> have an account on the local system) by using the supplied simple bind
> credentials and attempting a kerberos validation of them.
Yes, because with the plugin, fedora ds simply passes the credentials
through to PAM, which can be configured to do kerberos auth (local or
remote). So, instead of using saslauthd (as in openldap) you just use
PAM to do the same thing.
>
> Thanks and again, please pardon my ignorance.
>
> Tom
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060725/46980b7c/attachment.bin>
More information about the Fedora-directory-users
mailing list