[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL Headaches

Karsten Gorling wrote:
* Bennett, Silas (GE Infrastructure) <Silas.Bennett@ge.com> [050922 16:03]:
Hi All,

I am trying to set up openLDAP with Kerberos5 for authentication. I found and followed the _excellent_ howto by Turbo Fredriksson at http://www.bayour.com/LDAPv3-HOWTO.html and almost every thing is working. I can browse, search, & modify the LDAP database using:

On a other notice: I just put my eyes on the above mentioned HOWTO. As
far as I read, it is suggested to compile cyrus-sasl und the
OpenLDAP-Daemon against the MIT-Kerberos-Libs. This is, to my
knowledge, very errorprone, since the MIT-Kerberos-Libs are not thread safe. You are much better of, using Heimdal instead.

That page is full of errors. The page's author has no clear understanding of how Kerberos, SASL, and OpenLDAP fit together. I have posted corrections so many times I've lost count, and no longer bother trying.

 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/