Re: [OT] SASL required? for Heimdal Kerberos -> OpenLDAP

[Jose Gonzalez Gomez <jgonzalez@opentechnet.com>]

Bruce Marriner wrote:

> Kasundra, Digant wrote:
>
> > My recommendation would be to use Heimdal's regular backend, not 
> > OpenLDAP.  It seems to me that using OpenLDAP for the backend may be 
> > more kludgy than doing the reverse, ie using SASL to authenticate 
> > users against Kerberos.  If you want to know how to set userpasswords 
> > in OpenLDAP to refer to Kerberos as the authenticator (using 
> > saslauthd) or how to use SASL to authenticate against OpenLDAP with 
> > your Kerberos ticket, this list can help you with that.
>     I am wanting to have Samba and Heimdal use the same password 
> database and according to the Samba folks the only way possible is to 
> store Samba accounts in OpenLDAP.  So I have configured that (using a 
> "patch" from the samba folks) and now I would like to get the kerberos 
> end to play ball.  I think this whole thing would go easier if I was 
> not fighting some old redhat box the whole way.  Anyhow I have 
> downloaded the current OpenLDAP release along with SASL - but nnow 
> SASL is having fits over some redhat 7.3 stuff so I guess I need to 
> work that out first.

   Maybe this could help you?

      http://www.openinput.com/auth-howto/

   Best regards
   Jose