
How can I configure nss_ldap to get a ticket automatically upon request?



Is this possible? The only way to connect to my OpenLDAP server is through Kerberos; I disabled all other authentication methods. I created a principal for nss_ldap and I exported its key to the keytab file on the server. How can I force nss_ldap to use it to connect to my LDAP server?

Here are the contents of my /etc/libnss_ldap.conf:
base dc=mydomain,dc=com
uri ldaps://machine1
ldap_version 3
nss_base_passwd ou=People,dc=mydomain,dc=com
nss_base_shadow ou=People,dc=mydomain,dc=com
nss_base_group ou=Group,dc=mydomain,dc=com
ssl start_tls
ssl on
use_sasl on
sasl_auth_id
sasl_auth_id nssldap/machine1

Note that my Kerberos is working correctly and I can successfully ldapsearch -Y GSSAPI over a self-signed certificate.

Thank you

Amir