[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How does Openldap work with Cyrus SASL and MIT Kerberos V



Hi, thank you, now I understand what happen underlying the process.
As you said, then saslauthd do no work in my case. It is just a SASL plugin of
LDAP client works here.
And now, I have to configure phpldapadmin but I do not know what value I should assign
to SASL realm option, and so on.
I assumed that I should have a saslauthd for authentication via Kerberos, etc. But I am not
sure.
Please, could you give me some hint to using SASL in my case ?

thank you.



2008/7/1 Buchan Milne <bgmilne@staff.telkomsa.net>:

OpenLDAP does not use Kerberos directly, instead it uses SASL. If your
LDAP server has a Kerberos service principal, and has the SASL GSSAPI
plugin installed and enabled, then the OpenLDAP client utilities will
try appropriate SASL mechanisms (if the user has a ticket).

So, you are using SASL to authenticate via Kerberos your users when
accessing the LDAP service.

Regards,
Buchan




--
Le Trung Kien.