[31979] in Kerberos
LDAP/Kerberos client config
daemon@ATHENA.MIT.EDU (Jaap Winius)
Mon Jan 25 13:00:45 2010
From: Jaap Winius <jwinius@umrk.nl>
MIME-Version: 1.0
Date: 25 Jan 2010 16:48:56 GMT
Message-ID: <4b5dcb78$0$6912$e4fe514c@dreader17.news.xs4all.nl>
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi all,
Now that I'm satisfied with my OpenLDAP/Kerberos server configuration,
I'm attempting to devise a suitable (Debian lenny) client setup for it.
Although I hear that it may not be the best approach, I'm currently
pursuing a client configuration that includes kstart, libnss-ldap, nscd
and libpam-ldap. At the moment I'm happy with all of it except libnss-
ldap.
Kstart has no problem obtaining an initial Kerberos ticket, but I can't
get libnss-ldap to use it to access the DIT. So far my libnss-ldap.conf
looks like:
base dc=example,dc=com
uri ldap://ldapks1.example.com/
ldap_version 3
rootuse_sasl yes
krb5_ccname FILE:/tmp/krb5cc_0
Any idea what I might be missing?
Thanks,
Jaap
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
