[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: kerberos authentication disables normal operation?

To: openldap-software@OpenLDAP.org
Subject: Re: kerberos authentication disables normal operation?
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Fri, 20 Jun 2003 09:27:40 +0200
In-reply-to: <7DE4EF03D8D61B44B927E4A059B2644C3489F6@65-200-113-18.trendmicro.com> (Kent Wu's message of "Thu, 19 Jun 2003 16:53:28 -0700")
References: <7DE4EF03D8D61B44B927E4A059B2644C3489F6@65-200-113-18.trendmicro.com>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

<Kent_Wu@trendmicro.com> writes:

> Hi,
>
> 	I tried to use LDAP SDK to connect to AD, the odd thing is if
> I adopts simple authentication by using ldap_simple_bind_s() then I
> can search, compare, ..etc. However if I use kerberos authentication
> by using GSS-API and ldap_sasl_bind_s(), it would pass the
> authentication phase however while doing the search, no entry was
> returned even though the criteria are the same as simple
> authentication one. Here in Kerberos authentication I use
> "ldap@realm_name" as the service name.

You should create a 'service/host@REALM' principal. That is
'ldap/host@REALM'

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour

References:
- kerberos authentication disables normal operation?
  - From: <Kent_Wu@trendmicro.com>

Prev by Date: JDBC-LDAP question
Next by Date: ldapsearch sort question
Index(es):
- Chronological
- Thread