[31142] in Kerberos
Re: NIS => Kerberos/LDAP Migration
daemon@ATHENA.MIT.EDU (Russ Allbery)
Tue May 19 13:53:26 2009
To: kerberos@mit.edu
In-Reply-To: <52BCDB62-B821-4329-BF6A-F51CDF22FBB5@unilim.fr> (Hubert
Chomette's message of "Tue\, 19 May 2009 10\:07\:45 +0200")
From: Russ Allbery <rra@stanford.edu>
Date: Tue, 19 May 2009 10:52:35 -0700
Message-ID: <87my99askc.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hubert Chomette <hubert.chomette@unilim.fr> writes:
> So If I correctly understand, I've got two choice:
>
> - migrate my kdc to version 1.7 (I suppose you mean experimental,
> cause there is no major differents release between stable ans testing)
> / or use heimdal kerberos
It's not the KDC that's the issue, just the libraries for the client
systems where the PAM module would be running. And yeah, sorry, it's
only in unstable so far.
> - make my own pam module using perl to send login/passwd with kadmin
You'll run into the same problem that the existing PAM module has unless
you run the kadmin command-line client with system(), which is going to
be tricky from an authentication perspective.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
