You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is more of a question than an issue, and discussions aren't set up on this repo or organization, so I guess I'll ask here.
Is there a way to use this to authenticate an LDAP connection to Active Directory? I'm writing a command line application in Go which interacts with an on-premise AD domain and I'd like to avoid storing secrets if I can help it. Each user already has a valid Kerberos ticket and is authenticated to AD, I just don't know how to make use of that when I want to talk to LDAP.
Thank you!
The text was updated successfully, but these errors were encountered:
Hi - thanks for the interest. Right now the code is not in a state that it should be used in a production context .. while I'm fairly happy with the GSSAPI code, the underlying go-native Kerberos library isn't as well maintained as it needs to be. I actually started this with the same goal of providing krb auth for LDAP but never managed to spend enough time on it unfortunately. I think that the native go krb library needs some feeding and watering and/or a well supported C binding needs to exist for GSSAPI on Go to be something I would use in prod. In the mean time I wonder if mTLS is a better option for AD?..
This is more of a question than an issue, and discussions aren't set up on this repo or organization, so I guess I'll ask here.
Is there a way to use this to authenticate an LDAP connection to Active Directory? I'm writing a command line application in Go which interacts with an on-premise AD domain and I'd like to avoid storing secrets if I can help it. Each user already has a valid Kerberos ticket and is authenticated to AD, I just don't know how to make use of that when I want to talk to LDAP.
Thank you!
The text was updated successfully, but these errors were encountered: