[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to use SASL GSSAPI with open ldap?

--On Monday, April 12, 2004 1:05 AM -0600 S Vishwanath <SVISHWANATH@novell.com> wrote:


I am trying to use Cyrus-sasl-gssapi with openldap but no success so
far.  LDAP is not listing GSSAPI as a supported mechanism.  This is the
command I used
./bin/ldapsearch -x -b '' -s base '(objectclass=*)'
supportedSASLMEchanisms and
and here is the result.

supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

I have used MIT kerberos with cyrus sasl and they seem to be working
fine. Also I have enabled cyrus-sasl while building openldap with
--with-cyrus-sasl flag in configure.   How do I use GSSAPI  with

Do you have kerberos libraries on the system? And, I'll note, that MIT Kerberos is fairly problematic to use in a threaded environment like OpenLDAP uses. I suggest using Heimdal Kerberos on the OpenLDAP servers.



Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html