[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Openldap using Active Directory Kerberos password
I got the OS to successfully used the MS AD kerberos password.
Then I have the following in slapd.conf:
sasl-realm ad.inst.edu
sasl-host 10.10.10.9
sasl-secprops none
Then I have the following entry:
dn: uid=stest75,ou=Users,dc=ad,dc=inst,dc=edu
cn: stest75
sn: stest75
uid: stest75
homeDirectory: /home/stest75
loginShell: /bin/tcsh
gecos: System User
description: System User
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaAccount
objectClass: krb5Principal
krb5PrincipalName: stest75@AD.INST.EDU
userPassword: {KERBEROS}stest75@AD.INST.EDU
Then when I try to do a bind using this account it fails.
Any ideas?
Tulio
Quoting tuliol@sybatech.com:
> Frank,
> Thanks for your reply. My OS (Redhat AS) currently is using local accounts
> and
> not kerberos. Is that the first step? How do I figure out what the Kerberos
>
> realm is for the MS AD? Do you have instructions on how to configure slapd
> to
> use saslauth once the os is ready?
>
> Thanks again
>
> Quoting Frank Swasey <Frank.Swasey@uvm.edu>:
>
> > On Wed, 23 Jun 2004 at 4:21pm, tuliol@sybatech.com wrote:
> >
> > > I am trying to use the kerberos password found in Microsoft active
> > > directory as the userPassword for my Openldap directory. Has anybody
> > > been sucessful in setting this up?
> > >
> > > Any help would be greatly apprectiated.
> >
> > Have you successfully configured your OS to use the MS AD Kerberos
> > password? If so, you should be able to configure it the same we several
> > of us have to talk to either Heimdal or MIT K5 KDC's (using
> > {SASL}principal@realm as the userPassword value and configuring slapd to
> > use saslauthd).
> >
> > --
> > Frank Swasey | http://www.uvm.edu/~fcs
> > Systems Programmer | Always remember: You are UNIQUE,
> > University of Vermont | just like everyone else.
> > === God bless all inhabitants of your planet ===
> >
>
>
>
>
>