[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Simple Binds / Invalid credentials
* Grant Carmichael <germanshorthairpointer@gmail.com> [050920 19:54]:
> Hi everyone,
>
> I've been working on setting up an enterprise directory
> using Heimdal Kerberos and OpenLDAP. The one part I'm stuck
> on is getting simple binds to successfully use SASL to
> authenticate against Kerberos. Below I've add some of my
Simple Binds doesn't use SASL at all. You have to go an indirect
route:
1.) set the UserPassword-Entry to {sasl}user@REALM (you have done that
allready)
2.) start the saslauthd-Daemon on the same computer your
directory-server runs on. Use as startup-Flag "-a kerberos5"
3.) Configure slapd to use the saslauthd-Daemon
-> search for the sasl2-Library Path usually in /usr/lib/sasl2 or
/usr/local/lib/sasl2
-> in this directory create a file slapd.conf with the following
content:
SNIP-->
pwcheck_method: saslauthd
mech_list: gssapi
--<SNAP
4.) (Don't know, if its neccessary) Restart slapd
--
Max-Born-Institut (MBI)/Max-Born-StraÃe 2A/12489 Berlin/Karsten Gorling
Telefon: ++49 30 6392 1341 / Telefax: ++49 30 6392 1309
E-Mail: kgorling@physik.tu-berlin.de or gorling@mbi-berlin.de
Instantmessenger: Jabber: grafzahl@jabber.fsinf.de or ICQ: 95492828
PGP-Fingerprint: 4BEF 23EA 02AE BACA 9918 31FF 285B 0426 0E1A B2FC
----------------- > encrypted E-Mail preferred <------------------------