[Date Prev][Date Next]
Re: Kerberos 5 support
Matthew Palmer wrote:
> Is there any particular reason why Kerberos 5 support hasn't been
> implemented in OpenLDAP yet? Or has it? The manual page for ldap_bind that
> I have (OK, dated 22 September 1998 - they came with Debian 2.2) state that
> Kerberos 4 is the supported version. Is that now incorrect as of latest
With the help of Cyrus-SASL support for the GSSAPI SASL mechamism (Krb5)
is availalbe in OpenLDAP 2.0.x.
> Also, what is the status of Kerberos-based link encryption? Obviously SSL
> is a possibility, but I understand that it requires the Netscape SDK, and
> Kerberos does have support for link encryption. Are there any plans to
> incorporate this as an alternative, or is it already available?
OpenLDAP 2.0.x now also nativly supports SSL (ie. LDAPS and TLS).
When using GSSAPI an encryption layer (DES, 56bit) is enabled by
DFN Directory Services tel: +49 7071 29 70335
ZDV, Universität Tübingen fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de