OpenLDAP -> GSSAPI (SASL) -> KERBEROS V Questions
syslists at vtsystems.com
Mon Oct 18 17:17:29 EDT 2004
Setting up two ldap servers with kerberos backends. I have some
questions about the linking of ldap to kerberos... I figured at least a
few of you folks have probably tried this is the past. And before you
refer me to the ldap mailing list lets just say very helpful people on
there tend to respond en masse with very useless suggestions and lots of
"I've never tried this before but..." advice. Which, as chance may have
it has never helped me in the past.
So the questions are....
What does a principal look like for ldap?
assuming my realm is WHATEVER.COM
How can I get more verbose error logs without recompiling?
Anyone know a good url with tips / pointers / whathave you... I
have found the SUSE docs to be pretty helpful.
And, once i've generated my ldap principal, and his key... can I
copy the key out of the keytab and chown/chmod it for ldap in another
directory and expect it to work?
And off topic....
Has anyone ever tried handing out kerberos tickets via dns?
More information about the Kerberos