Handling slapd.d in OpenLDAP and Kerberos
- To: email@example.com
- Subject: Handling slapd.d in OpenLDAP and Kerberos
- From: "firstname.lastname@example.org" <email@example.com>
- Date: Fri, 7 Jan 2011 21:22:01 +0530
We are currently trying to use OpenLDAP as the database for Kerberos in our lab.
We installed OpenLDAP on Ubuntu 10.04 and it is working without any problem (i.e. queries are showing the correct results).
But we are not able to get Kerberos to authenticate via OpenLDAP.
For authenticating via OpenLDAP, the principals need to be rewritten (using authz-policy and authz-regexp). We know how to do
that in the older version of OpenLDAP, which had slapd.conf, but don't know how to do the same in the new OpenLDAP, which has the slapd.d directory instead.
The manuals also don't say anything on this issue.
We did the following for testing authentication via Kerberos:
And we got this result:
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
We just want to perform this:
We think adding this in slapd.conf should serve the purpose. Any suggestions/help is highly appreciated.
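
An added example, not part of the original message: under slapd.d the slapd.conf directives authz-regexp and authz-policy named above become the olcAuthzRegexp and olcAuthzPolicy attributes of the cn=config entry, changed with an LDIF modify instead of a file edit. The realm example.com and the ou=people,dc=example,dc=com tree are placeholders, not values from the post.

```ldif
# Constructed example: cn=config equivalent of these slapd.conf lines
#   authz-policy none
#   authz-regexp uid=([^,]+),cn=example.com,cn=gssapi,cn=auth
#                uid=$1,ou=people,dc=example,dc=com
#
# A GSSAPI bind arrives in slapd as an authentication DN of the form
#   uid=<principal>,cn=<realm>,cn=gssapi,cn=auth
# (the cn=<realm> part is absent for the default realm). Each
# olcAuthzRegexp value is "<match regex> <replacement DN>" and rewrites
# that DN to a directory entry so ACLs can be written against real users.
#
# olcAuthzPolicy only controls proxy authorization (authzTo/authzFrom).
# The regexp mapping of the bind identity works with it set to "none",
# which is the least-privilege setting and the default.
dn: cn=config
changetype: modify
add: olcAuthzRegexp
olcAuthzRegexp: uid=([^,]+),cn=example.com,cn=gssapi,cn=auth uid=$1,ou=people,dc=example,dc=com
olcAuthzRegexp: uid=([^,]+),cn=gssapi,cn=auth uid=$1,ou=people,dc=example,dc=com
-
replace: olcAuthzPolicy
olcAuthzPolicy: none
```

A file like this is loaded with `ldapmodify -Y EXTERNAL -H ldapi:/// -f <file>`, run as a local user that has write access to cn=config. Afterwards `ldapwhoami -Y GSSAPI` shows which DN a Kerberos ticket is mapped to.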