[Date Prev][Date Next]
Re: errant SASL/GSSAPI setup?
- To: openldap-software@OpenLDAP.org
- Subject: Re: errant SASL/GSSAPI setup?
- From: Andreas Hasenack <email@example.com>
- Date: Fri, 1 Sep 2006 09:45:06 -0300
- Content-disposition: inline
- In-reply-to: <2BC57B9BC8697D3A288A8A7D@SW-90-717-287-3.stanford.edu>
- References: <20060831204134.2D79CD000219@mwinf7001.orange.net> <2BC57B9BC8697D3A288A8A7D@SW-90-717-287-3.stanford.edu>
- User-agent: Mutt/1.5.11
On Thu, Aug 31, 2006 at 02:59:10PM -0700, Quanah Gibson-Mount wrote:
> Yep, MIT Kerberos is exactly what I was beginning to expect as well, which
> is why I asked about the Kerberos libraries being used. That's what it
> looks like is being used from Allan's libraries he provided as wel.
> As mentioned on this list numerous times, do *not* use MIT kerberos with
> OpenLDAP. Bad things happen. Use Heimdal Kerberos.
I'm sorry, but this is harsh. I have used mit kerberos for years with
openldap and it works just fine for me. Also, consider that heimdal
development seems stalled and mit's is thriving, and that no current
linux distro ships it by default anymore. I even sent some trivial
patches to the heimdal list and got absolutely no response. Sometimes I
even wonder if I'm still subscribed, given the super low traffic.