Filter
Top Products
Configuring the Kerberos Server with LDAP
Setting up Your LDAP Configuration
Chapter 684
Setting up Your LDAP Configuration
Plan how to set up and verify your LDAP directory and your Kerberos
server environment, before you put them into production. Consider the
following questions and record your decisions and other information that
you will need later in the Configuration Worksheet found in Appendix A,
“Configuration Worksheet,” on page 311.
• What is the host name of your directory server?
Write down your directory server host name in the Configuration
Worksheet. This is where your Kerberos principals reside. Enter
either the FQDN or the IP address.
For example, fox.bambi.com or 18.13.118.130.
• What is the port number of your directory server?
Write down the port number of your directory server in the
Configuration Worksheet.
— If you have opted for SSL as the security mechanism the default
TCP port number is 636.
— If you have opted for Password as the security mechanism the
default TCP port number is 389.
• Have you decided to extend the schema?
A schema is the collection of object class and attribute type
definitions. A server uses these definitions to determine how to
match a filter or attribute against the attributes of a specific entry
and whether to grant permissions to any given attributes.
You must have administrative privileges to extend the schema. If you
do not have these privileges contact your LDAP administrator. You
need to extend the LDAP schema with Kerberos specific object
classes and attributes.
• Have you decided on the security mechanism?
To access the information stored in the directory, you must
authenticate to the directory first. Once authenticated, and
depending on the authorization information stored in the directory