[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Problems with OpenLDAP 2.1.4 and Kerberos
- To: "Gerald (Jerry) Carter" <jerry@samba.org>
- Subject: RE: Problems with OpenLDAP 2.1.4 and Kerberos
- From: "Anthony Brock" <abrock@georgefox.edu>
- Date: Thu, 19 Sep 2002 11:24:02 -0700
- Cc: <openldap-software@OpenLDAP.org>
- Content-class: urn:content-classes:message
- Thread-index: AcJf5vMTqAsemsM1QxutO3ZNmEFTKAAIgbzg
- Thread-topic: Problems with OpenLDAP 2.1.4 and Kerberos
I'm not attempting cross-realm trusts. I just want to connect to the AD
with a Kerberized UNIX client.
We did run kinit first, and successfully received the ticket. I can then
use that ticket to telnet to another MIT Kerberized UNIX machine (in the
AD Realm) and it will successfully authenticate me.
Tony
Anthony Brock
Director of Network Services
George Fox University
E-Mail: abrock@georgefox.edu
Phone: (503) 554-2579
FAX: (503) 554-3834
-----Original Message-----
From: Gerald (Jerry) Carter [mailto:jerry@samba.org]
Sent: Thursday, September 19, 2002 7:15 AM
To: Anthony Brock
Cc: openldap-software@OpenLDAP.org
Subject: Re: Problems with OpenLDAP 2.1.4 and Kerberos
Are you trying to use cross-realm trusts? Did you run kinit to get the
user's TGT first? I've got this working on a testbed runnin at home.
btw...going the other way has proven impossible so far....
Using a cross-realm trust to access OpenLDAP in a MIT Krb5 realm
from a Win2k client in the trusted AD realm.
cheers, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--