Kerberos Server Version 3.12 Administrator's Guide

Overview
Introduction to LDAP
Chapter 130
Integrating Kerberos Server v3.12 with LDAP
You can configure Kerberos server v3.12 with LDAP as the backend
database. By integrating the Kerberos principals with the corresponding
users in the LDAP directory, you store data for mechanisms such as
UNIX and Kerberos in a common repository. You can also secure user
credentials by requiring users to use LDAP credentials.
Implementing this solution involves the following steps:
- Modifying the configuration files on the Kerberos server
- Extending the LDAP directory schema
This document details the design specifications in terms of the Kerberos
Server requirements and the LDAP directory requirements. It then
covers the actual implementation guidelines and procedures used to
accomplish this solution.
You must use the krb_2_ldap utility to migrate your existing Kerberos
database to LDAP. For more information, see Chapter 3, “Migrating to a
Newer Version of the Kerberos Server,” on page 39.
You can configure your Kerberos server with LDAP by either using the
autoconfiguration tool, krbsetup, or manually editing the LDAP
configuration files located in the /opt/krb5/examples directory. For
more information, see Chapter 6, “Configuring the Kerberos Server with
LDAP,” on page 73. HP recommends that you use the krbsetup tool to
configure your Kerberos server with LDAP.
You can administer and maintain the Kerberos database by either using
the HP Kerberos Administrator, a graphical user interface, or the
command-line administrator. For more information, see Chapter 8,
“Administering the Kerberos Server,” on page 109.
NOTE: Kerberos server v3.12 supports only Netscape Directory server 6.0
(J4258CA) and later as the LDAP backend database. You must have the
LDAP-UX product installed on the Kerberos server to set up a Kerberos
server with LDAP as the backend database.