[Date Prev][Date Next] [Chronological] [Thread] [Top]

Enable SASL and GSSAPI authentication

To: openldap-technical@openldap.org
Subject: Enable SASL and GSSAPI authentication
From: Jörg Herzinger <joerg.herzinger@global2000.at>
Date: Wed, 22 Dec 2010 11:00:50 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Lightning/1.0b2 Thunderbird/3.1.7

Hi, I've been running openLDAP with GSSAPI authentication for quite awhile now and everything has been running quite fine. The last days Itried enabling SASL password auth as described in [1]Now password authentication works fine, but it seems that GSS somehowhas been disabled:

root@ldap1 ~ # ldapsearch -x -H ldap:// -b '' -s base -LLLsupportedSASLMechanisms

dn:

While without SASL enabled I get:

root@ldap1 ~ # ldapsearch -x -H ldap:// -b '' -s base -LLLsupportedSASLMechanisms

dn:
supportedSASLMechanisms: GSSAPI

Is it possible to enable both, GSS and SASL pass through auth? I checkedthe dokumentation and couldn't find a clue if it is or not.

openLDAP version is 2.4.11 on Debian Lenny, Kerberos is MIT version 1.6also on Lenny. Slapd config can be found here [2]


tia,
    Jörg Herzinger

[1] http://www.openldap.org/doc/admin24/security.html#Pass-Throughauthentication[2]https://github.com/joerg/global2000-puppet/blob/master/modules/ldapserver/templates/etc-ldap-slapd.conf.erb

Follow-Ups:
- Re: Enable SASL and GSSAPI authentication
  - From: Indexer <indexer@internode.on.net>
- Re: Enable SASL and GSSAPI authentication
  - From: Dan White <dwhite@olp.net>

Prev by Date: Re: adding a custom objectClass
Next by Date: Re: Enable SASL and GSSAPI authentication
Index(es):
- Chronological
- Thread