[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sluprd and SASL

At 11:11 AM 12/20/2005, FM wrote:
>I read several how-to but now I'm getting confuse.

I suggest you direct any questions about any particular
how-to you are following to its authors.

The general suggestion noted on this list when
attempting to get SASL working is to start with
the Cyrus SASL sample programs, configured
appropriately for the mechanism you intended to
use with slapd(8).  Note that questions concerning
use of these sample programs should be directed
to the Cyrus SASL list.

Of course, before you even try Cyrus SASL programs,
you should make sure your Kerberos environment
works well using the tools provided with your
Kerberos distribution.  Questions about proper
Kerberos configuration should be directed to a
list about the Kerberos software you are using.

Only after getting the sample programs working,
you should get ldapwhoami(1) and slapd(8) talking.
This should be a matter of translating your sample
program configuration to ldap.conf/slapd.conf.

Then, once you have done this, configuration of
slurpd(8) should be straight forward.

>I have 1 master and 1 slave
>I want to replicate master to slave
>on my slapd.confI have this example :
># Replicas of this database
>#replogfile /var/lib/ldap/openldap-master-replog
>#replica host=ldap-master:389 starttls=critical
>#     tls=yes bindmethod=sasl saslmech=GSSAPI
>#     authcId=host/ldap-master@EXAMPLE.COM
>host/ldap-master@EXAMPLE.COM is the user (I suppose).
>I have it in the keytab usedf by ldap and in krb5 db, but do I have to had it to ldap ?
>Do you have a config examples (master and slave) that use : authcId ?
>thanks !