
OpenLDAP configuration ?



Hi !

  I have built OpenLDAP package with --enable-kpasswd and
--with-cyrus-sasl. Also I have installed Kerberos server and successfully
utilized database with some principals, so I can "kinit" myself against
kerberos server. I have utilized LDAP server (in simple -x mode) with
some user entries. My understanding of OpenLDAP, Kerberos and SASL is
really newbie level and I do not get all work like I would like to
(Browsing mailing-list through still). So here are some questions.

    1. I start server /usr/local/libexec/slapd -d 1 -h "ldap:///". Now I
can put entries to server if I use "-x" simple authentication with
ldapadd and search with ldapsearch. But if trying to use SASL (without
that -x) I get just error message: "ldap_sasl_interactive_bind_s: No
such object". From debug I do notice that sasl_init is ok, but nothing
else SASL-dependent is found in the debug information (even if using -d
-1). I do have TLSSertificateFile and TLSSertificateKeyFile created and
added to slapd.conf (if there is any help from these for
SASL authentication ?). What might be the problem ?

    2. What kind of changes should I make to my user entries which are in
LDAP server if I want to use Kerberos authentication (currently test
entry is using {crypt} encryption, and the password is saved in
LDAP database).

    3. What kind of configuration do I have to do in ldap.conf and
slapd.conf for Kerberos authentication ?

    Thank you very much,
                                            -Mika Saari