Hi all.
I've got CentOS 6.5 server enrolled in an AD domain. There's a script which should connect to AD and get some info with ldapsearch. We were using simple bind with username and password, but I wonder if there is any way to do queries and being authenticated by GSSAPI without the need of password entering? Maybe, I somehow can use system krb5.keytab and do queries from the name of the server (host/pc@DOMAIN credentials)? Or I should create separate keytab and specify it in ldapsearch? But I haven't found this option. Moreover, I know that kerberos tickets could expire and I should re-enter pass to obtain new one.
How can I do that?
Thank you in advance.