[Date Prev][Date Next]
Question on GSSAPI-authentication
i have question on the GSSAPI-implementation
in v2.1.x (or maybe in how SASL/GSSAPI works).
Suppose i have the following access-rule
access to attr=uid
by dn="uid=ldapreplicator,cn=HRNET.DE,cn=GSSAPI,cn=auth" read
by self write
by * read
and the saslregexp :
Now, what happens when ldapreplicator,
who is ldapreplicator@HRNET.DE wants to authenticate ?
Is it :
and then (via saslRegexp) translated to
So ldapreplicator must be an entry in the
Which objecttclass doe he have ?
Or is there no need for a directory entry ?
What about the password ?
PS.: My questions maybe seems to be foolish,
but i have a serious problem in understanding how
authentication via GSSAPI really works.