[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

--On Sunday, October 12, 2003 10:02 AM -0400 Jim Seymour <jseymour@LinxNet.com> wrote:

My plan is the evaluate whether I can replace the rather disjointed
authentication and directory mechanisms we have in place at work (NIS+,
separate Samba passwd file, maybe even address books) with LDAP.

We run OpenLDAP with OpenSSL, Kerberos, Cyrus-SASL & OpenLDAP. We have used it to replace our NIS service on Solaris, Linux, and Mac OS X boxes.

Now for the current burning question I have.

In order to do what I'm trying to do, *is* it necessary to build
OpenSSL *itself* with Kerberos support?

No. And when you build OpenLDAP with Kerberos support, make sure you use Heimdal K5 and not MIT K5 at this time. I'm currently in contact with folks at MIT to improve their thread support, but have no ETA on when any of that will be in place.


-- Quanah Gibson-Mount Principal Software Developer ITSS/TSS/Computing Systems ITSS/TSS/Infrastructure Operations Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html