[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Problems with OpenLDAP 2.1.4 and Kerberos



I am attempting to connect to Active Directory using the OpenLDAP
ldapsearch binary. So far, none of what I am attempting to do involves
an OpenLDAP server. Given this situation, I agree that the keytab file
on the UNIX server is not important. However, it does appear that I
should be receiving a ticket for
"ldap/ads01.campus.georgefox.edu@CAMPUS.GEORGEFOX.EDU" in my credentials
cache if ads01.campus.georgefox.edu is our test server.

Am I incorrect in this assumption? The learning curve on this is
amazing.....

Tony


Anthony Brock
Director of Network Services
George Fox University

E-Mail: abrock@georgefox.edu
Phone:  (503) 554-2579
FAX:    (503) 554-3834




-----Original Message-----
From: Quanah Gibson-Mount [mailto:quanah@stanford.edu] 
Sent: Thursday, September 19, 2002 1:26 PM
To: Anthony Brock; openldap-software@OpenLDAP.org
Subject: RE: Problems with OpenLDAP 2.1.4 and Kerberos

Tony,

I'd be more curious about the keytab issue rather than the ticket.  I
guess 
I'm not quite sure what you are doing.  You are connecting to active 
directory with the openldap ldapsearch binary?  Or you are connecting to
an 
openldap server running on Windows?  In the former case, neither the
keytab 
nor the ticket will do anything for you.  In the latter, you definately 
need the K5 ldap/<host> keytab.

--Quanah

--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html