Hi,
is there a possibility to configure slapd on a multihomed host to authenticate
on the different interfaces with different Kerberos principals?
Example:
one host running linux with two NICs (eth0, eth1) and slapd
eth0: IP 10.0.0.23, hostname ldap.sn-1.example.com
eth1: IP 10.1.0.42, hostname ldap.sn-2.example.com
A client which connects via hostname ldap.sn-1.example.com would request a
ticket for the principal ldap/[EMAIL PROTECTED] and one connecting via
ldap.sn-2.example.com would request a ticket for ldap/[EMAIL PROTECTED]
Does it suffice to store both keys in the keytab to enable slapd to
authenticate for both principals, i.e. does it picks the right key?
Which hostname should I define as sasl-host when using SASL to enable
plain-text authentication over a SSL-secured connection or is it possible to
set multiple sasl-hosts?
bye
Chris
--
phone: +49 6898/10-4987
web : www.saarstahl.de
mail : Hofstattstraße 106a
D 66333 Voelklingen
