Re: GSSAPI vs GSS-SPNEGO

[Dan White <dwhite@cafedemocracy.org>]

On 12/30/14 11:09 -0500, Brendan Kearney wrote:
> /run:
> drwxr-xr-x  2 root    root     100 Dec 30 10:26 saslauthd
>
> /var/run:
> lrwxrwxrwx. 1 root root 6 Dec 10 21:46 /var/run -> ../run
>
> so the ldap user would have read and execute permissions.  should i
> change anything?

No.

> i do have a user for dhcpd setup in that way (dn:
> uid=dhcpd,dc=bpk2,dc=com and userPassword: {SASL}dhcpd@BPK2.COM).  the
> kerberos object does exist as well.

What testsaslauthd command are you running? Are you currently using the
'-r' option when starting saslauthd? Try running saslauthd in debug mode
and compare output. If you're not seeing any output when authenticating
against slapd, verify your configured saslauthd_path in slapd.conf. It
should include the '/mux' in the path, e.g. '/var/run/saslauthd/mux'.

--
Dan White