Help with SASL/GSSAPI to remote Kerberos server

Wes Modes wmodes at ucsc.edu
Tue Feb 19 15:32:52 EST 2008


I am using SASL/GSSAPI to authenticate to Kerberos from OpenLDAP.  I
haven't gotten that to work yet. 

Almost all of the docs I found presume that I am setting up the KDC on
the same server at OpenLDAP.  In my case, the KDC is administered by
another group who is willing to grant me access to Kerberos.  However,
none of the docs I've found offer help in setting up SASL/GSSAPI here
and the Kerberos server elsewhere. 

Can someone point me to anything that would guide me through this
process?  Or does anyone want to share portions of their configuration?

Specifics:

OS: Red Hat Enterprise 4 v2.6.9
OpenLDAP v2.2.13
Local MIT Kerberos5 v1.3.4
KDC:  MIT Kerberos5 v?
Cyrus SASL v2.1.19

Other questions that have come up:

What tests can I run here that will help me know if I've configured my
end correctly to connect with the Kerberos server?

How can I test to see if I have everything I need in the keytab was
given by the Kerberos administrators?

This project has been delayed weeks and weeks while I climb and climb up
Samba, OpenLDAP, and Kerberos' very steep learning curve.  So your
prompt response will be hugely helpful.

Thanks in advance.

Wes


-- 

Wes Modes
Server Administrator & Programmer Analyst
McHenry Library
Computing & Network Services
Information and Technology Services
459-5208



More information about the Kerberos mailing list