[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question on using ldap as password database for heimdal

jay alvarez <kerber0sb0y@yahoo.com> writes:

> does it mean that my whole ldap directory will
> be encrypted too because of the way kerberos stores
> user credentials?

If you have a master key, the keys will be encrypted (but no other data of
the kerbero data). 

You must set you ACL's right in the ldapserver so only the KDC can access
the kerberos bits. You should check your ldap server documentation, and the
setup documentation in the heimdal info-tree (available on web from heimdal


PGP signature