[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Integration: MIT Kerberos V and OpenLDAP with SASL/GSSAPI

To: openldap-software@OpenLDAP.org
Subject: Re: Integration: MIT Kerberos V and OpenLDAP with SASL/GSSAPI
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Sat, 06 Mar 2004 15:35:59 +0100
In-reply-to: <200403060702.04867.openldap@gnosys.biz> (openldap@gnosys.biz's message of "Sat, 6 Mar 2004 07:02:04 -0500")
References: <200403060702.04867.openldap@gnosys.biz>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Kevin <openldap@gnosys.biz> writes:

> Hi All-
>
> I'm trying to integrate the subject software and having difficulty 
> with the part that seems most mysterious to me:
> getting slapd to say, "Oh, a user is trying to do initial kerberos 
> authentication through me...
[...]
> For any of you that might already be doing this, how do you establish
> the connection between LDAP and the authentication server?

Your main source of information should be

http://www.openldap.org/doc/admin21/ or
http://www.openldap.org/doc/admin22/
http://www.openldap.org/faq/data/cache/1.html

why don't you just use a sasl mechanism like gssapi and write
apropriate sasl-regexp  in your slapd.conf?

ldapsearch -Y GSSAPI -H ldap://my.host ... works fine for me.

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de

Follow-Ups:
- Re: Integration: MIT Kerberos V and OpenLDAP with SASL/GSSAPI
  - From: Kevin <openldap@gnosys.biz>
- Re: Integration: MIT Kerberos V and OpenLDAP with SASL/GSSAPI
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

References:
- Integration: MIT Kerberos V and OpenLDAP with SASL/GSSAPI
  - From: Kevin <openldap@gnosys.biz>

Prev by Date: Integration: MIT Kerberos V and OpenLDAP with SASL/GSSAPI
Next by Date: StartTLS with Debian and Solaris 9
Index(es):
- Chronological
- Thread