[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: only Kerberos authentication

On Wed, 2004-07-28 at 12:23, tandersson@nostalgie.fr wrote:
> How can I set only gssapi authentication for Openldap?

After the database:

sasl-host your.host.name
sasl-realm YOUR.REALM
sasl-secprops none
srvtab /etc/ldap/ldap.keytab

If you use ldap 2.2 and above, you can use regexp for username matching
with k5 principal, otherwise, if you use openldap from debian stable (as
I do), your suffix/basedn MUST be empty.
Sensei    <mailto:senseiwa@tin.it>
Error: Keyboard not found. Press F1 to continue...