Tom Ryan wrote:
On 7/25/06 3:51 PM, "Richard Megginson" <rmeggins@xxxxxxxxxx> wrote: Tom Ryan wrote: > Yes, but its not quite what I’m looking for. Using {KERBEROS} under > openldap, the ldap server would validate the supplied user/password > using kerberos.. > > Unless I’m missing something, this won’t work for me.. Are you attempting a SASL/Kerberos bind or a simple username/password bind? If the latter, you will need the PAM passthru auth plugin: http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec=1.4=auto <http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.4&view=auto> <http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/README?root=dirsec&rev=1.4&view=auto>That’s the general idea of what I want.. The problem is that users might not necessarily have an account on the box.. Essentially a simple username/password bind that the fedora ds would then use kerberos to authenticate..That being said, it would appear that fedora ds does not have an equiv capability as the openldap server correct out of the box?
That is correct, but the pam passthru auth plugin will do what you want.
Thanks for your very quick responses! Tom ------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
