[SunHELP] ldap and kerberos 5 Integration in Solaris 9
Vikas Gandhi
VGandhi at quark.co.in
Mon Aug 25 07:45:05 CDT 2003
Hi All
We have a requirement of single logon. It means that a user that logs on
to authenticate to onw service of sun should be allowed to use the other
service. Like in windows 2000 we have a similar concept. If u install
MSExchange 2000 with ADSI u get a facility of common logon as Microsoft uses
kerberos for all the authentications. U are authenticated once. Then all the
rest of the services u need not to be authenticated as u get a TGT from KDC.
Requirement
Our requirement is almost on the same patterns. I want to have a common LDAP
repository that authenticates thru KDC so that if I get a ticket for one
service, I should not run after another ticket.
In Solaris 9, I have installed a KDC server in Solaris 9 and have been able
to authenticate them against kerberos. Now I do not know which LDAP/pam-LDAP
mapping shall give me the same result. I just know that sun has done this
much earlier. But how to go about it is a Question that I do not know.
I have two choices. 1) iPlanet directory server 2) Sun ONE Meta-Directory. I
do not know which one is good or suits me ???? Also how to integrate them
???
Can someone guide me as how to go about all this.
Thanks
Vikas
More information about the SunHELP
mailing list