[Date Prev][Date Next] [Chronological] [Thread] [Top]

openldap proxy to kerberos



I am using openldap proxy today with ldap backend. 

Any suggestions on how to use kerberos as the backend?

Here is my config (sanitized)

$ cat slapd.conf
### Schema includes ###########################################################
include                 /etc/openldap/schema/core.schema
include                 /etc/openldap/schema/cosine.schema
include                 /etc/openldap/schema/inetorgperson.schema
include                 /etc/openldap/schema/misc.schema
include                 /etc/openldap/schema/nis.schema

## Module paths ##############################################################
modulepath              /usr/lib64/openldap/
moduleload              back_ldap

# Main settings ###############################################################
pidfile                 /var/run/openldap/slapd.pid
argsfile                /var/run/openldap/slapd.args
sizelimit               unlimited

TLSCertificateFile      /root/data/certs/ldap.crt
TLSCertificateKeyFile   /root/data/certs/ldap.key

### Database definition (Proxy to AD) #########################################
database                ldap
readonly                yes
protocol-version        3
rebind-as-user          yes
uri                     "ldaps://ldap.example.com:1636"
suffix                  "ou=People,dc=example,dc=net"
### Logging ###################################################################
loglevel                0



--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?