local ticket-cache for ldap requests

[Andreas Bauer]

Hello NG,

i have  SuSE 10.0/9.3 Clients (krb5 rpm), which get their tickets right at
login from a KDC of a Windows 2003 Server. After sign-on of the clients
klist displays the valid ticket of the user for 10 hours. I created the 
keytabfile on the win
server,installed it on the client, configured the /etc/krb5.conf and the 
SuSE client.
So I think, clients logon over kerberos and not ldap.
The local ticket-cache for ldap requests? Do I need the local ticket-cache 
for ldap requests at all, that the kerberos
logons of the SuSE users are working for me?

I have another question about installing the local ticket-cache for 
ldap-service on SuSE 10.0/9.3 clients:
I found out, that the default ticket cache of Kerberos has to be overwritten 
from nssldap.
Otherwise ticket cache is malfunctioned. I found out, NSSLDAP only can do 
this, if I would compile the nssldap module with the options:
--configurable-krb-ccname-gssapi.
Are the suse 9.3/10.0 rpms already compiled with this options?
I have a well acting network based on nss_ldap, what's going on after 
deinstalling
the rpm nss_ldap package and new installing and compiling the nss_ldap 
module from padl.com?


Thanks a lot and best regards
Andreas