[Date Prev][Date Next] [Chronological] [Thread] [Top]

2.1 admin guide typo about kerberos principals (ITS#2695)

To: openldap-its@OpenLDAP.org
Subject: 2.1 admin guide typo about kerberos principals (ITS#2695)
From: anders.lennartsson@foi.se
Date: Sun, 31 Aug 2003 21:24:45 GMT

Full_Name: Anders Lennartsson
Version: 2.1
OS: 
URL: 
Submission from: (NULL) (217.215.111.154)


I've had reason to study the OpenLDAP 2.1 Administrator's guide.

In the version dated January 10, 2003, freshly downloaded from the website,
I'v spotted an error in section 10.2.2 GSSAPI.

A little bit more than halfway through, it is stated


For the purposes of authentication...
uid=<principal>,cn=<realm>,cn=gssapi,cn=auth
Continuing our example, ...


I suppose it should read 

uid=<primary>,cn=<realm>,cn=gssapi,cn=auth

since a Kerberos V principal is built up by
primary/instance@realm

(In fact, I think multiple instances are defined but
never used.)

Also, a related question, does a principal user/admin@REALM get converted into:
uid=user/admin,cn=realm,cn=gssapi,cn=auth

If so, maybe it should read

uid=<primary/instance>,...

Prev by Date: ldapsearch ignoring ldap.conf (ITS#2697)
Next by Date: Re: ldapsearch ignoring ldap.conf (ITS#2697)
Index(es):
- Chronological
- Thread