[Date Prev][Date Next]
Thanks for the reply. However, my system is setup correctly for cross-realm
authentication. I have another application that does it perfectly fine, so
it's not how my system are setup.
Doing an ethereal on both applications (the one that works, and mine), it
seems that the one that works correctly walks around the realms successfully
until it gets to the realm with the ldap server in it. While my application
requests a ticket for "krbtgt .". The dot is the difference. The system that
works asks for a ticket for a valid realm, while my application is asking
for a ticket for dot (.).
Anybody have any experience on how to correctly use
ldap_sasl_interactive_bind_s? I know my "interact function" get's asked for
some values, and currently I return nothing. I've tried to return a valid
realm but it doesn't seem to get used (verified with ethereal). Any ideas?
On 9/16/05, Dieter Kluenter <firstname.lastname@example.org> wrote:
> Jeremiah Martell <email@example.com> writes:
> > Hello,
> > Is there any documentation on this function? I'm able to get openldap to
> > successfully use this function to authenticate to a ldap directory with
> > SASL/GSSAPI when my kerberos credentials and the ldap directory are in
> > same realm. But when my credentials and the ldap directory are in
> > realms, it's failing. I'm not sure what to pass this function to make
> > multi-realm logins work. Any ideas?
> This is a kerberos related question. Set up your system to cross realm
> authentication and two way trust relation.
> Dieter Klünter | Systemberatung
> GPG Key ID:8EF7B6C6