Hi, thank you for you reply I try to use Kerberos to authenticate some services support it. I want to use Kerberos for authentication and LDAP for authorization in my system. At current step I can allow users to login using LDAP, and users must get a ticket to use some LDAP's tools. And as you see, I'm confused a bit. That system have two passwords for an user and they just can change one of them. Two passwords can be used to login.
2008/1/30, Michael Ströder michael@stroeder.com:
Le Trung Kien wrote:
I'm attempting to use ldap with kerberos 5,
What does that mean? Is your KDC using OpenLDAP as backend-database or are you just using Kerberos tickets to authenticate against the LDAP server with SASL GSSAPI bind?
user1]$ passwd Kerberos 5 Password: ****** New UNIX password: ****** Retype new UNIX password: ******
This is related to your PAM configuration.
Ciao, Michael.