Kerberos authenticatino and ldap authorization

Michael K. Smith - Adhost mksmith at
Tue Mar 6 18:28:27 UTC 2007

> -----Original Message-----
> From: owner-freebsd-questions at [mailto:owner-freebsd-
> questions at] On Behalf Of RJ45
> Sent: Tuesday, March 06, 2007 9:08 AM
> To: freebsd-questions at
> Subject: Kerberos authenticatino and ldap authorization
> Hello,
> I would liek to use FreeBSD as a login ox using krb5 authentication
> and ldap authorization.
> The KDC kerberos server is another machine as well hte LDAP server,
> this freebsd box is a kerberos and ldap client.
> Anyone could give me some good hint on hoe to configure hte FreeBSD
> in
> this way ?
> I tryed to search for infoes but could only get partial informations.
> for example I would like to installa MIT krb5 implementation from
> instead of using heidmal default this because the kerberos server
> on my network is a MIT server and I can't use kadmin on FreeBSD
> to administrer the kerberos server remotely using heidmal
> implementation.
> Anyone has experience of MIT krb5 implementation on FreeBSD ?
> as well hoe to enable LDAP authorization for logins on FreeBSD ?
> thanks
> Rick

Hello Rick:

Check out
th-nss_ldap-and-pam_ldap/.  It doesn't address your question regarding
MIT Kerberos specifically, but it does give a good overview of using
LDAP for authentication.  Granted, you won't be using it to access an
Active Directory, but the other configuration parameters will apply
(nsswitch.conf, ldap.conf, PAM modules, etc.).



More information about the freebsd-questions mailing list