[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Mapping userPassword to Kerberos 5



On Wed, Aug 06, 2003 at 12:58:54PM -0400, Stephen Frost wrote:
> * Lewis Thompson (purple@lewiz.info) wrote:
> > On Wed, Aug 06, 2003 at 11:23:57AM -0400, Stephen Frost wrote:
> > > It might be enough to compile with --enable-spasswd (SASL) and to then
> > > use {SASL} in the userPassword.  I'd like to know if this actually works
> > > or not...
> [...]
> >   I've been having troubles with this for a while; I thought it was
> > because I was trying to use {KERBEROS} but I get the same with {SASL}.
> > This is FreeBSD, not Debian but it might be of some use to you.
> 
> all.  userPassword is only used if you're trying to perform a simple

Ah, yes.  Sorry.

  Okay, well:

ldapseach -D "uid=lewiz,ou=People,dc=lewiz,dc=org" -W

fails with error 49 (auth error) when userPassword is set to
{SASL}lewiz@LEWIZ.ORG.  Is that what you meant?

  I then switched userPassword to ``abc123'' and it worked perfectly.

  I had troubles compiling OpenLDAP21 with --enable-kpasswd because of
some odd FreeBSD-specific crypt issues (that I still haven't resolved).
However, I /think/ that answers your question?  If not, maybe I use the
userPassword field in a different way in order to use SASL?

  Best wishes,

-lewiz.

-- 
I was so much older then, I'm younger than that now.  --Bob Dylan, 1964.
------------------------------------------------------------------------
-| msn:purple@lewiz.net | jab:lewiz@jabber.org | url:http://lewiz.net |-

Attachment: pgpKYR5caUYcV.pgp
Description: PGP signature