[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ldap simple bind with kerberos passwords
- To: Karen R McArthur <kmcarthu@bates.edu>
- Subject: ldap simple bind with kerberos passwords
- From: Karen R McArthur <kmcarthu@bates.edu>
- Date: Thu, 09 Feb 2006 09:31:41 -0500
- Organization: Bates College
- User-agent: Thunderbird 1.5 (Windows/20051201)
This issue involves ldap-kerberos integration. I'm not sure if this is
a kerberos or an ldap configuration problem so have sent it both to the
openldapldap-software and the kerberos lists.
openldap-2.2.15-2; krb5-libs-1.2.5-15; cyrus-sasl-2.1.10-1
Passwords are stored in the kerberos database. All passwords in ldap
are set to {SASL}principle@REALM (I've also tried
{KERBEROS}principle@REALM). All ldap "People" have a kerberos record
and also the "krb5Principal" objectClass.
The keytabs ldap/<FQDN>@REALM, host/<FQDN>@REALM, cvs/<FQDN>@REALM, and
svn/<FQDN>@REALM all exist.
I can authenticate to all of my Linux servers. Most of my applications
are authenticating with no problems. However, those application that
are not kerberos aware and require a simple ldap bind are not
authenticating. (for example, subversion).
Is this an ldap configuration issue? Or is it kerberos? Any ideas
would be greatly appreciated!
--
Karen R. McArthur <kmcarthu@bates.edu>
Systems Administrator
Information and Library Services, Bates College
Lewiston, Maine 04240
ph:(207) 786-8236 fax:(207) 786-6057