[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP/Kerberos client config

To: openldap-technical@openldap.org
Subject: LDAP/Kerberos client config
From: Jaap Winius <jwinius@umrk.nl>
Date: Mon, 25 Jan 2010 17:46:59 +0100
Content-disposition: inline
User-agent: Internet Messaging Program (IMP) H3 (4.1.5)

Hi all,

Now that I'm satisfied with my OpenLDAP/Kerberos server configuration,I'm attempting to devise a suitable (Debian lenny) client setup for it.

Although I hear that it may not be the best approach, I'm currentlypursuing a client configuration that includes kstart, libnss-ldap,nscd and libpam-ldap. At the moment I'm happy with all of it exceptlibnss-ldap.

Kstart has no problem obtaining an initial Kerberos ticket, but Ican't get libnss-ldap to use it to access the DIT. So far mylibnss-ldap.conf looks like:


   base dc=example,dc=com
   uri ldap://ldapks1.example.com/
   ldap_version 3
   rootuse_sasl yes
   krb5_ccname FILE:/tmp/krb5cc_0

Any idea what I might be missing?

Thanks,

Jaap

Prev by Date: Re: slapd dying, what next?
Next by Date: Re: slapd dying, what next?
Index(es):
- Chronological
- Thread