[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticate to ldap using Kerberos

To: Wouter van Marle <wouter@squirrel-systems.com>
Subject: Re: Authenticate to ldap using Kerberos
From: Dan White <dwhite@olp.net>
Date: Wed, 8 Sep 2010 13:24:15 -0500
Cc: openldap <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <20100908171543.GD3297@dan.olp.net>
References: <207bd0ddd5679c08fda7f7b3a0c606e5@squirrel-systems.com> <20100908171543.GD3297@dan.olp.net>
User-agent: Mutt/1.5.20 (2009-06-14)

On 08/09/10 12:15 -0500, Dan White wrote:

To have slapd use saslauthd for authentication, you'll need to create the
file /usr/lib/sasl2/slapd.conf, with these contents:

pwcheck_method: saslauthd
mech_list: plain login

and optionally

keytab: /etc/krb5.keytab   (which is the standard location)


Check that. That should be:

pwcheck_method: saslauthd
mech_list: plain login gssapi external
keytab: /etc/krb5.keytab

Do you have ldap/acorn.squirrel@SQUIRREL in /etc/krb5.keytab, on the
server? Is it readable by the slapd user?


Also see:

http://www.cyrusimap.org/mediawiki/index.php/FAQ#Cyrus_SASL_Questions

--
Dan White

Follow-Ups:
- Re: Authenticate to ldap using Kerberos
  - From: Wouter van Marle <wouter@squirrel-systems.com>

References:
- Authenticate to ldap using Kerberos
  - From: Wouter van Marle <wouter@squirrel-systems.com>
- Re: Authenticate to ldap using Kerberos
  - From: Dan White <dwhite@olp.net>

Prev by Date: Re: Authenticate to ldap using Kerberos
Next by Date: Re: Authenticate to ldap using Kerberos
Index(es):
- Chronological
- Thread