Am Wed, 05 Jul 2023 18:18:31 -0000 schrieb dbars...@nd.edu: > Total newbie here so please be gentle. I'm trying to set up a simple > ldap server that uses SASL and Kerberos for authentication. I built > OpenLDAP --with-cyrus-sasl and --enable-spasswd. I have the service > principal and testsaslauthd works. I used slapadd to build the > initial config (from slapd.ldif) and ldapadd to define a rootdn and > basedn (basically ou=people and ou=groups). Added a user (me) and a > group. > > I have a slapd.conf file at /usr/lib/sasl2 that defines keytab: > krb5.keytab, mech_list: GSSAPI, pwcheck_method: saslauthd, > saslauthd_path: /run/saslauthd/mux.
You should create a service principal i.e. a ldap principal. -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E