(Answer) (Category) OpenLDAP Faq-O-Matic : (Category) OpenLDAP Software FAQ : (Category) Integration : (Answer) How can OpenLDAP, Cyrus-SASL, OpenSSL and KerberosV be combined?
OpenLDAP and Cyrus SASL versions:
OpenLDAP 2.1 and later only supports Cyrus SASL 2.1 and later.
MIT Kerberos V libraries are not thread-safe. Use Heimdal Kerberos or build OpenLDAP --without-threads.
OpenLDAP supports Kerberos authentication via the SASL/GSSAPI authentication mechanism. That is, you just need to build Cyrus SASL with GSSAPI support, (using Heimdal Kerberos V libraries) and then build OpenLDAP with Cyrus SASL support.
If you're trying to use Kerberos for Simple Binds, see the link below about the {KERBEROS} password scheme.
See also: 
  (Xref) How does one use LDAP authentication with PAM?
  (Xref) How does one integrate LDAP with name services using NSS?
  (Xref) How do I use TLS/SSL?
  (Xref) Is there an alternative to {KERBEROS} passwords in current versions of slapd(8)?

See also: Is there an alternative to {KERBEROS} passwords in current versions of slapd(8)?
[Append to This Answer]
hyc@openldap.org, Kurt@OpenLDAP.org, danpritts@yahoo.com
Previous: (Answer) How does one integrate LDAP with name services using NSS?
Next: (Answer) How to use LDAP for managing DNS zones?
This document is: http://www.openldap.org/faq/index.cgi?file=544
[Search] [Appearance]
This is a Faq-O-Matic 2.721.test.
© Copyright 1998-2013, OpenLDAP Foundation, info@OpenLDAP.org