1
00:00:00,000 --> 00:00:12,820
In this video, we'll briefly talk about LDAP and Kerberos, which can be used for authentication.

2
00:00:12,820 --> 00:00:17,559
So the Lightweight Directory Access Protocol, or LDAP, can be used to set up a centralized

3
00:00:17,559 --> 00:00:23,520
server used for authentication. LDAP is not just a protocol, it's also an authentication

4
00:00:23,520 --> 00:00:29,240
server that is very much like Active Directory. By itself, LDAP is not very secure, but security

5
00:00:29,240 --> 00:00:36,320
can be added using a Kerberos server. An easy-to-use solution on Linux to install LDAP and Kerberos

6
00:00:36,320 --> 00:00:43,680
is FreeIPA. This is an open-source server that implements both of these services. And

7
00:00:43,680 --> 00:00:47,840
that makes that you get something that is very much like Microsoft Active Directory,

8
00:00:47,840 --> 00:00:53,439
which by itself is also compatible with LDAP and Kerberos. So if you do want centralized

9
00:00:53,439 --> 00:00:58,160
authentication, but you don't want to bring in Active Directory, well, these are excellent

10
00:00:58,160 --> 00:01:04,680
solutions. The next part will be to set up Linux Client to authenticate on these external

11
00:01:04,680 --> 00:01:10,160
servers. To do so, SSSD, about which you've learned in the previous lesson, is commonly

12
00:01:10,160 --> 00:01:10,519
used.