Overview
Introduction to LDAP
| Integrating Kerberos Server v3.1 with LDAP |
| You can configure Kerberos server v3.1 with LDAP as the backend |
| database. By integrating the Kerberos principals with the corresponding |
| users in the LDAP directory, you store data for mechanisms, such as |
| UNIX and Kerberos in a common repository. Also, you can secure user |
| credentials by mandating users to use LDAP credentials. |
| Implementing this solution involves the following steps: |
| — Modifying the configuration files on the Kerberos server |
| — Extending the LDAP directory schema |
| The Kerberos Server v3.1 Administrator’s Guide first details the design |
| specifications in terms of the Kerberos Server requirements and the |
| LDAP directory requirements. It then covers the actual implementation |
| guidelines and procedures used to accomplish this solution. |
| You must use the krb_2_ldap utility to migrate your existing Kerberos |
| database to LDAP. See “Migrating to a Newer Version of the Kerberos |
| |
| You can configure your Kerberos server with LDAP by either using the |
| autoconfiguration tool, krbsetup, or manually editing the LDAP |
| configuration files located in the /opt/krb5/examples directory. For |
| more information see Chapter 6, “Configuring the Kerberos Server with |
| LDAP,” on page 73. HP recommends that you use the krbsetup tool to |
| configure your Kerberos server with the LDAP. |
| You can administer and maintain the Kerberos database by either using |
| the HP Kerberos Administrator, a graphical user interface, or the |
| |
| |
|
|
NOTE | Kerberos server v3.1 supports only Netscape Directory server 6.0 |
| (J4258CA) and later, as the LDAP backend database. You must have the |
| |
| server with LDAP as the backend database. |
|
|
Chapter 1 | 33 |