Re: New york city high school needs help with macs that won't play with linux server

[Everette Gray Allen <Everette_Allen@ncsu.edu>]

I am trying the same thing using solaris backend.
I do not think the macos x ldap v3 plugin will do sasl gssapi (has not 
worked for me).
Instead I am approaching it using saslauthd with kerberos 5 method over ssl.
openldap is very picky about mechanisms so be sure you set your 
sasl-secprops none in slapd.conf and SASL_SECPROPS none in your client's 
 /etc/openldap/ldap.conf
If you are not worried about anonymous binds (running only ldaps should 
not be a problem) then you should be ok.  I can share my config files 
for what they are worth if you like.
My problem is getting the access rules right so users can login but not 
read other users directory entries.


P. Robert Marino wrote:

> I need help
> I have a SuSE 8.2 Linux server with openldap 2.1.12, Heimdal kerberos 
> 0.4e, Cyrus SASL2, and openldap.
> I created an LDAP 3 server it works flawlessly.
> I connected my Linux lab to it and all of my Linux boxes are connecting 
> fine with tls encryption and kerberos 5 via gssapi.
> here is the problem I have 180 Mac OS X 10.2.x Ibooks and they just wont 
> connect or give me useable error logs. I will have to get them connected 
> in the next two weeks before we start handing them out to students to 
> use them in their classes.
>     I can get kerberos tickets on the ibooks from the heimdal server 
> using kinit. I just cant get them to connect to my ldap server

--
Everette Gray Allen		Systems Programmer II
ITD Computing Services	Macintosh Support Specialist
2620 Hillsborough St, Campus Box 7109
Raleigh, NC 27695-7109
919-515-4558		Everette_Allen@ncsu.edu