[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP & Kerberos

To: "Alexander Brinkman" <eon@eon.za.net>
Subject: Re: LDAP & Kerberos
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sun, 11 Mar 2001 12:50:06 -0800
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <001301c0a94d$3bcde8a0$3400000a@sprinter.org>

At 11:30 AM 3/10/01 +0100, Alexander Brinkman wrote:
>Hi all,
>
>I'm trying to setup LDAP with Kerberos authentication, and things are
>starting to work (after having read I don't know how many documents and
>archives ;)). However, perhaps someone can clarify a few things that are
>still not quite clear to me...

Install Cyrus SASL and get their sample client/server working with
GSSAPI.  Then try with OpenLDAP.

>When I do an ldapsearch, the results a what an anonymous user would also
>get. (am I correct in this?). If so, is there a way to map/bind the Kerberos
>principal to a uid in the LDAP directory?

In 2.0, no  There is no direct relationship between SASL users
and directory entries.

Kurt

References:
- LDAP & Kerberos
  - From: "Alexander Brinkman" <eon@eon.za.net>

Prev by Date: performance statistics for openldap?
Next by Date: Is TLS broken?
Index(es):
- Chronological
- Thread