openldap/clients/ud
Kurt Zeilenga 6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
..
auth.c Initial implementation of Kerberos password verification for 2000-01-08 18:42:11 +00:00
edit.c Remove lint 1999-12-13 04:53:59 +00:00
etc.ud.conf
find.c Remove lint 1999-12-13 04:53:59 +00:00
globals.c Initial implementation of Kerberos password verification for 2000-01-08 18:42:11 +00:00
group.c Remove lint 1999-12-13 04:53:59 +00:00
help.c Remove lint 1999-12-13 04:53:59 +00:00
main.c Initial implementation of Kerberos password verification for 2000-01-08 18:42:11 +00:00
Makefile.in Use new macros from configure.in to accomodate NT/Mingw32 environment. 1999-10-28 07:31:59 +00:00
mod.c Remove lint 1999-12-13 04:53:59 +00:00
print.c Remove lint 1999-12-13 04:53:59 +00:00
README
string_to_key.c Initial implementation of Kerberos password verification for 2000-01-08 18:42:11 +00:00
ud.dsp Changes to support NT single debug 1999-11-01 22:17:06 +00:00
ud.dsw Vienna Bulk Commit 1999-05-19 01:12:33 +00:00
ud.h Initial implementation of Kerberos password verification for 2000-01-08 18:42:11 +00:00
util.c Initial implementation of Kerberos password verification for 2000-01-08 18:42:11 +00:00

Users
-----
For users, see the man page on ud.

Installers
----------
For installers, see the header file.  Anything that is configurable is
listed in there as a #define, and the file is pretty well commented.

Kerberos users
--------------
If you're going to use Kerberos, be sure that you have a Kerberos config file
in /etc/krb.conf of the form:

	<realm>
	<realm> <server-for-realm> [ admin server ]

This should be the realm in which users are going to authenticate, which
is not necessarily your realm.

You can certainly have other entries in this file, but you'll need at least
these two.

Also be sure that you have the necessary entries in /etc/services so that
your client knows on which port to find a Kerberos authentication server.
An pair of entries like this:

  kerberos        750/udp         kdc             # Kerberos authentication
  kerberos        750/tcp         kdc             # Kerberos authentication

is fairly typical.