[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: 2.2.11 and --enable-kpasswd



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Frank Swasey

> Today at 6:26pm, Dan wrote:
>
> > I was thinking about upgrading our OpenLDAP servers from Redhat's
> > openldap 2.1.22 to 2.2.11. While playing with configure for 2.2.11 i
> > noticed --enable-kpasswd is missing from the options.
> >
> > Is this feature still supported? I have a heap of users
> with {kerberos}
> > type passwords that i don't really want to change.
>
> No, this feature is not supported any longer.  You can check back
> through the archives of this list.  You will need to set up saslauthd
> and convert your passwords to {sasl} instead of {kerberos}.  Once you
> get past the typos (that I made...) it works well.  RH9's saslauthd
> needs to be recycled frequently because it leaks memory like a sieve!

The --enable-kpasswd option is not supported any longer, but the code is
still available as a separate module in contrib/slapd-modules/passwd. If you
really need it, you can build that module and dynamically load it into slapd.
Of course, using {sasl} is probably the better idea overall.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support