[Date Prev][Date Next]
Re: open ldap with SASL & GSSAPI
--On Wednesday, November 08, 2006 11:51 PM -0500 Maxwell Bottiger
On Wed, 2006-11-08 at 18:28 -0800, Howard Chu wrote:
MIT Kerberos is known to work very poorly with OpenLDAP slapd. Heimdal
is known to work well. On the client side, either one will work, but
generally I would recommend using Heimdal.
I have heard that through other sources as well. I'm really just using
MIT kerberos because it shipped with my distro. Can I move the kerberos
database directly to Hemidal in the future?
It doesn't matter what kerberos database you use. For example, Stanford
uses an MIT KDC. But we use the Heimdal kerberos *libraries* to link slapd
against. It is the libraries we are talking about right now. Of course,
Heimdal also has the capability of using LDAP as its KDC store. MIT will
have that functionality sometime in the near future.
Principal Software Developer
ITS/Shared Application Services
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html