Today at 12:54pm, tuliol@sybatech.com wrote:
Has anybody been successful in using a Kerberos server to authenticate
openldap user entries?
Are you attempting to have people who already have Kerberos tickets
authenticate to OpenLDAP or have people give their Kerberos password to
OpenLDAP and be authenticated?
pam against the MS AD Kerberos server.
Can you give me some guidance in how to do this?
I have saslauth running with (/usr/sbin/saslauthd -m /var/run/saslauthd -a
kerberos5) I am not sure if that is something I need.
Each user entry in the directory have the following kerberos attributes:
krb5PrincipalName: stest75@UNIV.UNIV.EDU
userPassword: {SASL}stest75@UNIV.UNIV.EDU
I also have a /usr/lib/sasl2/slapd.conf with:
pwcheck_method:saslauthd
saslauthd_path:/var/run/saslauthd/mux
keytab:/etc/krb5.keytab
Any help will be appreciated.