[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 2.2.23's slapd segfaults when using ldapsearch

> MIT kerberos 1.3 is not thread safe.  MIT Kerberos 1.4 is thread safe, but
> has problems with its replay cache.  If you use MIT Krb5 1.3, you'll want
> to make sure mutexes are enabled in Cyrus-SASL 2.1.20.  If you use 1.4,
> you'll want to disable them.  Neither set of libraries handles requests as
> quickly as Heimdal Kerberos does.
> Stanford runs MIT Kerberos for nearly everything, and has MIT Kerberos
> KDC's.  There has been no problem having the OpenLDAP servers be compiled
> against Heimdal.  Kerberos 5 is a protocol, both Heimdal & MIT speak it.

Quanah - 

Thanks again for the info. I'll have to look into this some more and
see if I can figure out what works best in our environment. I'll send
out an update when I get through some more testing.