[Date Prev][Date Next] [Chronological] [Thread] [Top]

alternative listener and kerberos realm

To: openldap-software@openldap.org
Subject: alternative listener and kerberos realm
From: David Bonnafous <david.bonnafous@math.univ-toulouse.fr>
Date: Wed, 26 Nov 2008 11:31:21 +0100
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux)

hi,

My aim was to be able to communicate with slapd (2.3.43) using two
hostnames (using alternative listeners), one HOSTNAME_A in a kerberos
realm REALM_A and the second one, HOSTNAME_B, in realm REALM_B
(according to krb5.conf section [domain_realm]).

[domain_realm]
 HOSTNAME_A = REALM_A
 HOSTNAME_B = REALM_B

slapd is running on a machine called HOSTNAME_A (command uname).

My problem is that slapd only use HOSTNAME_A to create sasl context,
as written in servers/slapd/sasl.c

	sc = sasl_server_new( "ldap", global_host, global_realm,
		iplocalport, ipremoteport, session_callbacks, SASL_SUCCESS_DATA, &ctx );

where global_host is not set according from where the connexion comes
from.

So my questions are:

1- is it a known stuff

2- do you think it is difficult to change this behavior so global_host
   depends on the hostname used to connect to slapd

thank you,
-- 
	David Bonnafous
	Institut de Mathématiques
	Université de Toulouse - France

Prev by Date: Re: TLS client certificates and memory use
Next by Date: Re: Can't get olcPasswordHash to take effect...
Index(es):
- Chronological
- Thread