[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap simple bind with kerberos passwords

To: Karen R McArthur <kmcarthu@bates.edu>
Subject: ldap simple bind with kerberos passwords
From: Karen R McArthur <kmcarthu@bates.edu>
Date: Thu, 09 Feb 2006 09:31:41 -0500
Organization: Bates College
User-agent: Thunderbird 1.5 (Windows/20051201)

This issue involves ldap-kerberos integration. I'm not sure if this is a kerberos or an ldap configuration problem so have sent it both to the openldapldap-software and the kerberos lists.

openldap-2.2.15-2; krb5-libs-1.2.5-15; cyrus-sasl-2.1.10-1

Passwords are stored in the kerberos database. All passwords in ldap are set to {SASL}principle@REALM (I've also tried {KERBEROS}principle@REALM). All ldap "People" have a kerberos record and also the "krb5Principal" objectClass.

The keytabs ldap/<FQDN>@REALM, host/<FQDN>@REALM, cvs/<FQDN>@REALM, and svn/<FQDN>@REALM all exist.

I can authenticate to all of my Linux servers. Most of my applications are authenticating with no problems. However, those application that are not kerberos aware and require a simple ldap bind are not authenticating. (for example, subversion).

Is this an ldap configuration issue? Or is it kerberos? Any ideas would be greatly appreciated!

--
Karen R. McArthur <kmcarthu@bates.edu>
Systems Administrator
Information and Library Services, Bates College
Lewiston, Maine 04240
ph:(207) 786-8236   fax:(207) 786-6057

Follow-Ups:
- Re: ldap simple bind with kerberos passwords
  - From: Howard Chu <hyc@symas.com>
- Re: ldap simple bind with kerberos passwords
  - From: Karsten Gorling <kgorling@physik.tu-berlin.de>

Prev by Date: [dave@sleepycat.com: [sleepycat-ann] Two new patches for Berkeley DB 4.4.20]
Next by Date: search base question.
Index(es):
- Chronological
- Thread