You are not logged in.
- Topics: Active | Unanswered
#1 2013-08-23 20:53:49
- ub1quit33
- Member
- Registered: 2013-04-30
- Posts: 58
OpenLDAP/Kerberos Authentication -- Should I really care?
So I've begun working on implementing an OpenLDAP directory for myself, and I'm currently considering my options for authentication schemes. Kerberos seems to be a popular choice for LDAP servers. What I am trying to understand is, what is it that makes Kerberos such a popular choice? What security or administrative bonuses are to be gained from Kerberos over doing something like a simple bind over SSL/TLS? I have done some reading on how Kerberos works, but I have never implemented it before, so I don't have a very firm grasp on it.
I was just hoping to get some brain dumps and thoughts. Thanks in addvance to anyone who shares!
Offline
#2 2013-08-24 01:58:22
- skottish
- Forum Fellow
- From: Here
- Registered: 2006-06-16
- Posts: 7,942
Re: OpenLDAP/Kerberos Authentication -- Should I really care?
Microsoft adopted Kerberos a bunch of years ago and it's supported by many, if not all of the major *nix families. There are quirks in the implementations, but just about every platform understands it. That's why it's so popular.
Offline