Reply To: LDAP Client configuration for authentication?

Home Page Forums Network Management Linux and Networking LDAP Client configuration for authentication? Reply To: LDAP Client configuration for authentication?

#47319

dbs
Member

I do apologize for the n00b questions – authentication services are relatively new for me (though I used to admin NIS servers. Weep for me)

@fulvio wrote:

Use
rootbinddn cn=manager,dc=interlude,dc=homeport,dc=org
or anomymous bind.

Hmm, I don’t have a login called ‘manager’. I do have the default ‘admin’ account – that’s what I’ve been using – should I not use that? Also, does this negate the need for ‘bindpw’?

@fulvio wrote:

Do not forget that Zeroshell uses LDAP only for authorisation. The authentication is managed by Kerberos5 and hence the hash of the password is not stored in LDAP.

Alright, I barely know Kerberos, so I need ot learn that. What I understand here is that I must set up a kerberos server/client configuration (get a client key generated, etc), and set up the shared keys – LDAP will be used for authorization (“Yes, there’s a person named bob”), and k5 will be used for authentication (“and they can access this machine.”) ?

Thanks again!