From: Sebastian Hagedorn (no email)
Date: Thu Nov 29 2007 - 04:57:58 EST
Hi Gary,
--On 28. November 2007 19:40:22 -0600 Gary Mills <>
wrote:
> We have a central database that contains Unix, NTLM, and SASL
> passwords, permitting single-password signons for Unix and Windows
> desktops, and for Cyrus IMAP. I'd like to add Kerberos to this mix,
> but only for IMAP authentications initially. This would permit
> single-signon from Unix IMAP clients like mutt and pine, and
> especially from a webmail application using pubcookie for
> authentication. I'd like Kerberos to use the same passwords, rather
> than supporting another password database. Is anybody doing this? Is
> it even possible?
I don't think so, but I could be wrong.
> If not, would it be possible to keep them
> synchronized?
Well, I would assume that your "SASL passwords" are actually plain text,
right? If you have the the actual passwords you can of course keep two
databases in sync. We do something similar. There's a cron job that runs
once per hour and handles deltas.
--
.:.Sebastian Hagedorn - RZKR-R1 (Gebäude 52), Zimmer 18.:.
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
.:.Universität zu Köln / Cologne University - ✆ +49-221-478-5587.:.
.:.:.:.Skype: shagedorn.:.:.:.
|
|
|