[Date Prev][Date Next] [Chronological] [Thread] [Top]

Enable SASL and GSSAPI authentication

Hi, I've been running openLDAP with GSSAPI authentication for quite a while now and everything has been running quite fine. The last days I tried enabling SASL password auth as described in [1] Now password authentication works fine, but it seems that GSS somehow has been disabled:

root@ldap1 ~ # ldapsearch -x -H ldap:// -b '' -s base -LLL supportedSASLMechanisms

While without SASL enabled I get:

root@ldap1 ~ # ldapsearch -x -H ldap:// -b '' -s base -LLL supportedSASLMechanisms
supportedSASLMechanisms: GSSAPI

Is it possible to enable both, GSS and SASL pass through auth? I checked the dokumentation and couldn't find a clue if it is or not.

openLDAP version is 2.4.11 on Debian Lenny, Kerberos is MIT version 1.6 also on Lenny. Slapd config can be found here [2]

    Jörg Herzinger

[1] http://www.openldap.org/doc/admin24/security.html#Pass-Through authentication [2] https://github.com/joerg/global2000-puppet/blob/master/modules/ldapserver/templates/etc-ldap-slapd.conf.erb