[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to use SASL GSSAPI with open ldap?

To: S Vishwanath <SVISHWANATH@novell.com>, openldap-software@OpenLDAP.org
Subject: Re: How to use SASL GSSAPI with open ldap?
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Mon, 12 Apr 2004 16:56:00 -0700
Content-disposition: inline
In-reply-to: <s079eb61.026@lucius.provo.novell.com>
References: <s079eb61.026@lucius.provo.novell.com>

--On Monday, April 12, 2004 1:05 AM -0600 S Vishwanath <SVISHWANATH@novell.com> wrote:

Hi,

I am trying to use Cyrus-sasl-gssapi with openldap but no success so
far.  LDAP is not listing GSSAPI as a supported mechanism.  This is the
command I used
./bin/ldapsearch -x -b '' -s base '(objectclass=*)'
supportedSASLMEchanisms and
and here is the result.

dn:
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

I have used MIT kerberos with cyrus sasl and they seem to be working
fine. Also I have enabled cyrus-sasl while building openldap with
--with-cyrus-sasl flag in configure.   How do I use GSSAPI  with
Openldap?

Do you have kerberos libraries on the system? And, I'll note, that MIT Kerberos is fairly problematic to use in a threaded environment like OpenLDAP uses. I suggest using Heimdal Kerberos on the OpenLDAP servers.

See
<http://www.stanford.edu/services/directory/openldap/configuration/index.ht
ml>

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- How to use SASL GSSAPI with open ldap?
  - From: "S Vishwanath" <SVISHWANATH@novell.com>

Prev by Date: Re: TLS confidentiality required error
Next by Date: Re: SSL certificates, kerberos keytabs, and load balancing
Index(es):
- Chronological
- Thread