[31892] in Kerberos
Kerberos syncrepl support for OpenLDAP
daemon@ATHENA.MIT.EDU (Jaap Winius)
Sun Jan 10 22:17:59 2010
From: Jaap Winius <jwinius@umrk.nl>
MIME-Version: 1.0
Date: 10 Jan 2010 12:58:09 GMT
Message-ID: <4b49cee1$0$3385$e4fe514c@dreader14.news.xs4all.nl>
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi all,
It wasn't all that difficult to add MIT Kerberos V support to an OpenLDAP
server for client authentication, but using it to encrypt synchronization
traffic between provider and consumer servers is something else.
I know how to configure OpenLDAP's syncrepl directive with the "simple"
bindmethod, using a clear-text password exchange and clear-text database
replication, but can anyone spare a few hints on how to configure things
so that syncrepl uses Kerberos encryption? I know it's possible, using
stuff like GSSAPI and kinit cron jobs, but it's not well documented.
Thanks,
Jaap
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
