Kerberos syncrepl support for OpenLDAP
Jaap Winius
jwinius at umrk.nl
Sun Jan 10 07:58:09 EST 2010
Hi all,
It wasn't all that difficult to add MIT Kerberos V support to an OpenLDAP
server for client authentication, but using it to encrypt synchronization
traffic between provider and consumer servers is something else.
I know how to configure OpenLDAP's syncrepl directive with the "simple"
bindmethod, using a clear-text password exchange and clear-text database
replication, but can anyone spare a few hints on how to configure things
so that syncrepl uses Kerberos encryption? I know it's possible, using
stuff like GSSAPI and kinit cron jobs, but it's not well documented.
Thanks,
Jaap
More information about the Kerberos
mailing list