Authenticating Mac OSX 10.3.X to Kerberos using LDAP. - Kerberos

This is a discussion on Authenticating Mac OSX 10.3.X to Kerberos using LDAP. - Kerberos ; Hi, I am trying to allow students in the Mac lab to authenticate at the login prompt to Kerberos using LDAP. I followed the instructions on various web sites but the only way that I was able to log in ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Authenticating Mac OSX 10.3.X to Kerberos using LDAP.

  1. Authenticating Mac OSX 10.3.X to Kerberos using LDAP.

    Hi,
    I am trying to allow students in the Mac lab to authenticate at the
    login prompt to Kerberos using LDAP. I followed the instructions on
    various web sites but the only way that I was able to log in with a valid
    kerberos username and password was if I created a local account with the
    same short uid name.

    I would like to avoid having to create local accounts and allow any student
    who has a valid keberos username and password to be able to login. We are
    not using AFS. Is there another way do this? I would appreciate any help
    you can provide. Thank you in advance and I look forward to hearing from you.

    Darin Pemberton
    Technical Specialist
    Barnard College, Columbia University.
    dpembert@barnard.edu, dp2128@columbia.edu
    212-854-9096

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  2. Re: Authenticating Mac OSX 10.3.X to Kerberos using LDAP.

    On 2005-07-20 10:55:51 -0500, dpembert@barnard.edu (Darin Pemberton) said:

    > Hi,
    > I am trying to allow students in the Mac lab to authenticate at
    > the login prompt to Kerberos using LDAP. I followed the instructions
    > on various web sites but the only way that I was able to log in with a
    > valid kerberos username and password was if I created a local account
    > with the same short uid name.


    There's a big misunderstanding.

    Authenticating over Kerberos using LDAP?? Why? Why not using just
    Kerberos? LDAP can be used for information retrieval like home dirs,
    preferred shell, and so on.


    > I would like to avoid having to create local accounts and allow any
    > student who has a valid keberos username and password to be able to
    > login. We are not using AFS. Is there another way do this? I would
    > appreciate any help you can provide. Thank you in advance and I look
    > forward to hearing from you.
    >


    Where are the home directories? How can you make a user home withou
    AFS, NFS or other means AND without using local directories?


    --
    Sensei

    cd /pub
    more beer


+ Reply to Thread