Hi,
The user db on my system is stored in LDAP and integrated with PAM and NSS. The LDAP db also contain address book data for each user. I would like to be able to call ldap utilities (e.g. ldapsearch) without having the user to enter his/her password everytime. I would also like for scripts running as those users to have access to the respective LDAP entries. I noticed ldapsearch supports SASL binds, so I was wondering if that could be used in conjunction with Kerberos to accomplish my goal (from what I understand, the kinit command would have to be called before ldapsearch). Is there any other way to do this?
Thanks, Jean-Luc