[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap simple bind with kerberos passwords



This issue involves ldap-kerberos integration. I'm not sure if this is a kerberos or an ldap configuration problem so have sent it both to the openldapldap-software and the kerberos lists.

openldap-2.2.15-2; krb5-libs-1.2.5-15; cyrus-sasl-2.1.10-1

Passwords are stored in the kerberos database. All passwords in ldap are set to {SASL}principle@REALM (I've also tried {KERBEROS}principle@REALM). All ldap "People" have a kerberos record and also the "krb5Principal" objectClass.

The keytabs ldap/<FQDN>@REALM, host/<FQDN>@REALM, cvs/<FQDN>@REALM, and svn/<FQDN>@REALM all exist.

I can authenticate to all of my Linux servers. Most of my applications are authenticating with no problems. However, those application that are not kerberos aware and require a simple ldap bind are not authenticating. (for example, subversion).

Is this an ldap configuration issue? Or is it kerberos? Any ideas would be greatly appreciated!

--
Karen R. McArthur <kmcarthu@bates.edu>
Systems Administrator
Information and Library Services, Bates College
Lewiston, Maine 04240
ph:(207) 786-8236   fax:(207) 786-6057