[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: openldap/sasl/krb5 authentication question:

To: "'Jeremy Hallum'" <jhallum@umich.edu>
Subject: RE: openldap/sasl/krb5 authentication question:
From: "Howard Chu" <hyc@highlandsun.com>
Date: Thu, 18 Dec 2003 10:51:31 -0800
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <Pine.LNX.4.58.0312181334390.2084@tymora.astro.lsa.umich.edu>

> -----Original Message-----
> From: jhallum@tymora.astro.lsa.umich.edu
> [mailto:jhallum@tymora.astro.lsa.umich.edu]On Behalf Of Jeremy Hallum

> On Thu, 18 Dec 2003, Howard Chu wrote:
>
> > > krb5-*-1.2.7-14
> >
> > One more problem - MIT Kerberos is not thread-safe and
> *will* crash when used
> > by slapd. Use Heimdal instead.
> >
>
> 	Are you referring to the server side of kerberos?
> Thankfully the
> kdc is some place else, so this might not be a problem.

The KDC is not the issue, the problem is the Kerberos libraries that get
linked. If you're using SASL/GSSAPI and the gssapi module is linked against
the MIT libraries, then you have a problem. All of this has been covered
before on this mailing list, search the archives if you want more details.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

References:
- RE: openldap/sasl/krb5 authentication question:
  - From: Jeremy Hallum <jhallum@umich.edu>

Prev by Date: Re: designing a directory
Next by Date: MORE INFO: problem compiling openldap
Index(es):
- Chronological
- Thread