[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

To: Jim Seymour <jseymour@LinxNet.com>, openldap-software@OpenLDAP.org
Subject: Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Sun, 12 Oct 2003 12:11:33 -0700
Content-disposition: inline
In-reply-to: <20031012140222.B0F114307@jimsun.LinxNet.com>
References: <20031012140222.B0F114307@jimsun.LinxNet.com>

--On Sunday, October 12, 2003 10:02 AM -0400 Jim Seymour <jseymour@LinxNet.com> wrote:

My plan is the evaluate whether I can replace the rather disjointed
authentication and directory mechanisms we have in place at work (NIS+,
separate Samba passwd file, maybe even address books) with LDAP.

We run OpenLDAP with OpenSSL, Kerberos, Cyrus-SASL & OpenLDAP. We have used it to replace our NIS service on Solaris, Linux, and Mac OS X boxes.

Now for the current burning question I have.

In order to do what I'm trying to do, *is* it necessary to build
OpenSSL *itself* with Kerberos support?

No. And when you build OpenLDAP with Kerberos support, make sure you use Heimdal K5 and not MIT K5 at this time. I'm currently in contact with folks at MIT to improve their thread support, but have no ETA on when any of that will be in place.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Follow-Ups:
- Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
  - From: Simon Wilkinson <simon@sxw.org.uk>
- Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
  - From: jseymour@LinxNet.com (Jim Seymour)

References:
- OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
  - From: jseymour@LinxNet.com (Jim Seymour)

Prev by Date: ACL group.regex in 2.1.22
Next by Date: Re: ACL group.regex in 2.1.22
Index(es):
- Chronological
- Thread