We have a PAM pass thru plugin that allows you to pass through the authentication request from FDS to PAM, and then to kerberos or whatever you want. We use this internally to allow LDAP clients that can only do simple BIND to use their Kerberos password. It's not compiled or enabled by default, but it's pretty simple to do so. http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/?root=dirsec Derek T. Yarnell wrote: > Does the Fedora DS or RHDS support pass thru authentication via SASL? > For example, openldap can use --enable-spasswd at compile time to > allow simple binds be accepted at the LDAP level and then > authenticated with SASL (saslauthd in this example) to kerberos > underneath and accept the bind. > > I need to have kerberos around for AFS but would like to be able to > just use the LDAP directory as a way to authenticate clients that are > not kerberized. > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3312 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20051103/73a8e2a7/attachment.bin
