I do apologize for the n00b questions – authentication services are relatively new for me (though I used to admin NIS servers. Weep for me)
or anomymous bind.
Hmm, I don’t have a login called ‘manager’. I do have the default ‘admin’ account – that’s what I’ve been using – should I not use that? Also, does this negate the need for ‘bindpw’?
Do not forget that Zeroshell uses LDAP only for authorisation. The authentication is managed by Kerberos5 and hence the hash of the password is not stored in LDAP.
Alright, I barely know Kerberos, so I need ot learn that. What I understand here is that I must set up a kerberos server/client configuration (get a client key generated, etc), and set up the shared keys – LDAP will be used for authorization (“Yes, there’s a person named bob”), and k5 will be used for authentication (“and they can access this machine.”) ?