Am Fri, 17 Dec 2021 16:34:41 +0100 schrieb Stefan Kania <ste...@kania-online.de>:
> Hello to all, > > I'm trying to get GSSAPI authentication running with the > symas-packages. I generated a ldap.keytab file and it's readable for > the ldap-user running the slapd. With the Debian-packages I ad: > --------- > export KRB5_KTNAME="/path/to/ldap.keytab" > --------- > > I don't want to use the system keytab /etc/krb5.keytab. How do I tell > slapd from the symas-packages to use my service-keytab? > > I try to add to my /etc/default/symas-openldap: > --------- > KRB5_KTNAME="/path/to/ldap.keytab > --------- > but it's not working. /etc/sasl2/slapd.conf mech_list: gssapi digest-md5 cram-md5 external keytab: /etc/openldap/ldap.keytab /etc/ldap.conf KRB5_KTNAME=/etc/openldap/krb5.keytab SASL_MECH GSSAPI SASL_REALM My.SASL.REALM -Dieter -- Dieter Klünter | Systemberatungslapd GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E