ldap simple bind with kerberos passwords
Karen R McArthur
kmcarthu at bates.edu
Thu Feb 9 09:31:41 EST 2006
This issue involves ldap-kerberos integration. I'm not sure if this is
a kerberos or an ldap configuration problem so have sent it both to the
openldapldap-software and the kerberos lists.
openldap-2.2.15-2; krb5-libs-1.2.5-15; cyrus-sasl-2.1.10-1
Passwords are stored in the kerberos database. All passwords in ldap
are set to {SASL}principle at REALM (I've also tried
{KERBEROS}principle at REALM). All ldap "People" have a kerberos record
and also the "krb5Principal" objectClass.
The keytabs ldap/<FQDN>@REALM, host/<FQDN>@REALM, cvs/<FQDN>@REALM, and
svn/<FQDN>@REALM all exist.
I can authenticate to all of my Linux servers. Most of my applications
are authenticating with no problems. However, those application that
are not kerberos aware and require a simple ldap bind are not
authenticating. (for example, subversion).
Is this an ldap configuration issue? Or is it kerberos? Any ideas
would be greatly appreciated!
--
Karen R. McArthur <kmcarthu at bates.edu>
Systems Administrator
Information and Library Services, Bates College
Lewiston, Maine 04240
ph:(207) 786-8236 fax:(207) 786-6057
More information about the Kerberos
mailing list