[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP + Kerberos

To: openldap-software@OpenLDAP.org
Subject: Re: OpenLDAP + Kerberos
From: Turbo Fredriksson <turbo@bayour.com>
Date: 17 Oct 2003 13:00:41 +0200
In-reply-to: <Pine.LNX.4.58.0310162225250.9916@midnight>
Organization: LDAP/Kerberos expert wannabe
References: <Pine.LNX.4.58.0310162225250.9916@midnight>
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

>>>>> "Beck" == Beck Zoltan Gyula <beckzg@midnight.hu> writes:

    Beck> the MIT Kerberos, my problem is how can I use the kerberos
    Beck> authentication in ldap?

I thought my document was very clear in this regard...

I set the userPassword to '{KERBEROS}principal' and I'm
home free...

Now, if you're using 2.1.23, you have a (slight) problem. That
feature have been 'removed' (or at least disabled). I don't 
agree (and so are some others) against this, but...

This is a snippet from a mail on this list a couple of days ago:

----- s n i p -----
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: kpasswd
Cc: openldap-software@OpenLDAP.org
Date: Wed, 15 Oct 2003 12:05:15 -0700

At 08:32 AM 10/15/2003, Allan E Johannesen wrote:
>It appears that the --enable-kpasswd option is gone from openldap 2.1.23

Use
        env ol_enable_kpasswd=yes ./configure
instead.

That is, the feature (as broken as it is) still remains.
----- s n i p -----

Before enabling this, you might want to follow the thread,
and (hope) for a resolution to this. Othervice, you'll
have bigger problems when the feature is finaly removed.

It WILL be removed eventually, unless we can convince
Kurt and the core team to keep it (and the only way we
can do that is if someone steps forward to maintain that
part of the code).

References:
- OpenLDAP + Kerberos
  - From: Beck Zoltan Gyula <beckzg@midnight.hu>

Prev by Date: Re: openLdap ucdata error
Next by Date: Importing from Sun ONE Directory server
Index(es):
- Chronological
- Thread