[Date Prev][Date Next]
Re: Openldap crashes on GSSAPI authentication
On Fri, 2003-02-21 at 15:13, Diego Julian Remolina wrote:
> I have been trying for a while to get openldap working with sasl and
> gssapi on Solaris 9 but have had no luck. Can anybody give me a hand?
> I am using mit kerberos krb5-1.2.7.
> I compiled sasl-2.1.12 and tested it with the sample server and client
> with sucess for gssapi authentication. Later on I compiled
> openldap-2.1.12 and after many problems, I found out that even though
> slapd was finding /opt/local/lib/sasl2 while using ldd, it wanted the link
> from /usr/lib/sasl2 to that folder in order to recognize the GSSAPI
> authentication mechanism (This actually works as you can see in the log of
> my client session). (And yes I know I should have created that link
> following the sasl instructions... but It took me a while to realize
> that.... :) ).
>From your sldapd.conf:
# SASL Configuration
why are these commented ? Shouldn't you set them right ?
Too see if the sasl-regexp works you should issue the command:
$ ldapwhoami -Y GSSAPI
Also see: http://www.openldap.org/faq/data/cache/630.html
the "srvtab" option in slapd.conf I guess is for KRB_v4
and not for SASL/GSSAPI. The /usr/lib/sasl2 link is clearly
stated in the cyrus-sasl docs, it's not slapd's fault, it's the way
the cyrus-sasl things work.