Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 6 Mar 2007 10:28:17 -0800
From:      "Michael K. Smith - Adhost" <mksmith@adhost.com>
To:        "RJ45" <rj45@slacknet.com>, <freebsd-questions@freebsd.org>
Subject:   RE: Kerberos authenticatino and ldap authorization
Message-ID:  <17838240D9A5544AAA5FF95F8D52031601C59C9A@ad-exh01.adhost.lan>
In-Reply-To: <Pine.LNX.4.61.0703061004250.5931@slacknet.com>
References:  <Pine.LNX.4.61.0703061004250.5931@slacknet.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-
> questions@freebsd.org] On Behalf Of RJ45
> Sent: Tuesday, March 06, 2007 9:08 AM
> To: freebsd-questions@freebsd.org
> Subject: Kerberos authenticatino and ldap authorization
>=20
>=20
> Hello,
> I would liek to use FreeBSD as a login ox using krb5 authentication
> and ldap authorization.
> The KDC kerberos server is another machine as well hte LDAP server,
> this freebsd box is a kerberos and ldap client.
>=20
> Anyone could give me some good hint on hoe to configure hte FreeBSD
box
> in
> this way ?
> I tryed to search for infoes but could only get partial informations.
>=20
> for example I would like to installa MIT krb5 implementation from
ports
> instead of using heidmal default this because the kerberos server
> on my network is a MIT server and I can't use kadmin on FreeBSD
> to administrer the kerberos server remotely using heidmal
> implementation.
> Anyone has experience of MIT krb5 implementation on FreeBSD ?
>=20
> as well hoe to enable LDAP authorization for logins on FreeBSD ?
>=20
> thanks
>=20
> Rick


Hello Rick:

Check out
http://joseph.randomnetworks.com/archives/2004/06/21/active-directory-wi
th-nss_ldap-and-pam_ldap/.  It doesn't address your question regarding
MIT Kerberos specifically, but it does give a good overview of using
LDAP for authentication.  Granted, you won't be using it to access an
Active Directory, but the other configuration parameters will apply
(nsswitch.conf, ldap.conf, PAM modules, etc.).

Regards,

Mike

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17838240D9A5544AAA5FF95F8D52031601C59C9A>