LDAP and Kerberos, So Happy Together

By Juliet Kemp, Posted January 14, 2009

Tip of the Trade: LDAP organizes information and provides access to it. Kerberos is designed to handle authentication. Separate they are useful; together they offer a powerful and secure solution.

SHARE

Download the authoritative guide: Cloud Computing 2019: Using the Cloud for Competitive Advantage

LDAP (Lightweight Directory Access Protocol) is basically a way of organizing information and providing access to it. It's commonly used for user, service and machine information, and it's incredibly useful. The Linux version is OpenLDAP. It will handle authentication as well as information (so the password aspect of login as well as looking up who the user is, where his home directory is, and so on). However, it's not as secure as it could be — by default connections are unencrypted, so your password is being sent out in the open.

Previously, you could deal with this using SSL tunneling, but that has been deprecated since the retirement of LDAPv2 (in 2003). TLS is another option, but even using that, LDAP still has security problems.

For security, your best option is Kerberos. Kerberos is specifically designed to handle authentication. It will not do the information lookup that LDAP does. It avoids password security problems and enables single-sign-on (a very useful feature!).

So the ideal situation is to use both Kerberos and LDAP: one for authentication and one for information organization and access. In fact, they do play quite nicely together, but information about on how to achieve this is limited. If you do want to set them up, check out this two-part article I wrote (requires registration but is free) a while back which is still relevant. You can also get more information from the LDAP and Kerberos web pages.

This article was first published on ServerWatch.com.

RELATED NEWS AND ANALYSIS

Top Machine Learning Solutions

FEATURE | By Samuel Greengard, February 14, 2019
Google Machine Learning Engine: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
Alteryx: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
SAP Leonardo: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
RapidMiner: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
Microsoft Azure Machine Learning Studio: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
IBM Watson Studio: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
SAS Visual Machine Learning: Product Overview and Insight

FEATURE | By Samuel Greengard, February 14, 2019
AWS SageMaker: Product Overview and Insight

ARTIFICIAL INTELLIGENCE | By Samuel Greengard, February 14, 2019
Artificial Intelligence in Business: Using AI in Your Company

ARTIFICIAL INTELLIGENCE | By Daniel Dern, February 08, 2019
How IBM’s Project Debater Could Fix Facebook

ARTIFICIAL INTELLIGENCE | By Rob Enderle, January 21, 2019
IBM Announces Most Powerful AI Effort Yet: The Birth of Smart HR

ARTIFICIAL INTELLIGENCE | By Rob Enderle, December 07, 2018
IBM Spectrum Discover: AI at Scale

ARTIFICIAL INTELLIGENCE | By Rob Enderle, October 26, 2018
The Top Cloud-Based AI Services

ARTIFICIAL INTELLIGENCE | By Andy Patrizio, September 11, 2018
Artificial Intelligence Salaries: Paychecks Heading Skyward

ARTIFICIAL INTELLIGENCE | By Andy Patrizio, August 28, 2018
Artificial Intelligence Use Cases

FEATURE | By Samuel Greengard, August 13, 2018
25 Top AI Startups

FEATURE | By Andy Patrizio, July 18, 2018
CIOs Leveraging AI and Machine Learning For ITSM Goals

ARTIFICIAL INTELLIGENCE | By Jeff Kaplan, July 03, 2018
35 Artificial Intelligence Courses

ARTIFICIAL INTELLIGENCE | By Cynthia Harvey, May 04, 2018
Top 15 Machine Learning Companies

ARTIFICIAL INTELLIGENCE | By Andy Patrizio, April 19, 2018

SEE ALL NETWORKS ARTICLES

IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD

Which topic are you interested in?

Mobile

Security

Networks/IoT

Cloud

Data Storage

Applications

Development

IT Management

Other

What is your company size?

What is your job title?

What is your job function?

Searching our resource database to find your matches...

Submit a Comment

Loading Comments...

Copyright 2019 Quinstreet Inc. All Rights Reserved.

Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.