# Kerberos + LDAP

## rysic

Hello!

I'm thinking about a way how to connect Kerberos + LDAP.

Main solution is to kerberyse LDAP and acces to LDAP using Kerberos tickets. But in that way Kerberos and LDAP have two different user databases and if different services use different databases, users can have different passwords.

Second idea is to store Kerberos database in LDAP. Did someone use that solution? Is that Kerberos structure (users, password storing) working as a normal LDAP users database? Can Kerberos users and passwords be used for other services (are password hashed correctly etc.)?

Thanks for suggestions!

----------

## prometheanfire

First an overview.  LDAP is for storing user data (everything but passwords).  Kerb is for passwords.

The two ways I know of for doing it is to either keep them separate (how I'm doing it now).  You could also stor kerberos within LDAP, I don't know how to do this (don't have my books with me), but I know it is done this way.  I have never heard of storing LDAP within kerb.

-- Matthew Thode (prometheanfire)

----------

## rysic

I found that way of integrating: http://www.rjsystems.nl/en/2100-kerberos-openldap-provider.php

and the qiestion is if it will be possible later to use Kerberos user database (sored in LDAP) in different systems...   :Rolling Eyes: 

----------

