On Wed, 2008-08-20 at 11:36 +0200, Daniel Dehennin wrote: > I try to setup en kerberos/LDAP environment and I fail to setup the > nss-ldap with SASL.
Sorry to not get back to you sooner. > As libnss-ldapd use a separate daemon to make the LDAP request it > seems legitimate to permit to specify a keytab to initiate a kinit > when starting, possibly with renew/reinit on ticket expiry. My knowledge of Kerberos and SASL is very limited and I currently lack the possibility to test this thoroughly. That is why the SASL options are not documented and not fully supported. If I understand correctly when you specify use_sasl and sasl_authcid together the configuration doesn't work. You probably need to specify binddn if you use SASL. -- -- arthur - [EMAIL PROTECTED] - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part