Le Trung Kien wrote:
I try to use Kerberos to authenticate some services support it.
Which is your KDC?
I want to use Kerberos for authentication and LDAP for authorization
At current step I can allow users to login using LDAP, and users must
get a ticket to use
some LDAP's tools.
And as you see, I'm confused a bit. That system have two passwords for
an user and they
just can change one of them. Two passwords can be used to login.
You should simply allow normal users to login via pam_krb5. So
normal users would only need the Kerberos password.