[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Problems with OpenLDAP 2.1.4 and Kerberos
- To: "Quanah Gibson-Mount" <quanah@stanford.edu>, <openldap-software@OpenLDAP.org>
- Subject: RE: Problems with OpenLDAP 2.1.4 and Kerberos
- From: "Anthony Brock" <abrock@georgefox.edu>
- Date: Thu, 19 Sep 2002 13:34:58 -0700
- Content-class: urn:content-classes:message
- Thread-index: AcJgGtHpOAZ1bsKaQH6PAAtlAhoiNgAAKa0g
- Thread-topic: Problems with OpenLDAP 2.1.4 and Kerberos
I am attempting to connect to Active Directory using the OpenLDAP
ldapsearch binary. So far, none of what I am attempting to do involves
an OpenLDAP server. Given this situation, I agree that the keytab file
on the UNIX server is not important. However, it does appear that I
should be receiving a ticket for
"ldap/ads01.campus.georgefox.edu@CAMPUS.GEORGEFOX.EDU" in my credentials
cache if ads01.campus.georgefox.edu is our test server.
Am I incorrect in this assumption? The learning curve on this is
amazing.....
Tony
Anthony Brock
Director of Network Services
George Fox University
E-Mail: abrock@georgefox.edu
Phone: (503) 554-2579
FAX: (503) 554-3834
-----Original Message-----
From: Quanah Gibson-Mount [mailto:quanah@stanford.edu]
Sent: Thursday, September 19, 2002 1:26 PM
To: Anthony Brock; openldap-software@OpenLDAP.org
Subject: RE: Problems with OpenLDAP 2.1.4 and Kerberos
Tony,
I'd be more curious about the keytab issue rather than the ticket. I
guess
I'm not quite sure what you are doing. You are connecting to active
directory with the openldap ldapsearch binary? Or you are connecting to
an
openldap server running on Windows? In the former case, neither the
keytab
nor the ticket will do anything for you. In the latter, you definately
need the K5 ldap/<host> keytab.
--Quanah
--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html