@AartJansen said in Can I use ldap to authenticate a debian (or whatever linux flavour) desktop login?:
do the dockerised apps need to be kerebos aware/integrated too ?
Kind of. Either the applications need to support it directly or you chain it to something else. There is native support for saml already for quite a while, but also openid can be used nowadays.
If you want to Kerberos compatibility I would rather start there, than trying to extend the (afaik intentionally simple) ldap server of Cloudron. Possible solutions could be https://www.freeipa.org/ or https://www.univention.com.