hi list i was wondering if I could somehow make my suse (10) authenticate versus my windows 2003 domain controller. I configured both ldap client and kerberos client in Yast2. Authentication works (the kerberos part).. but I still cannot log in because ldap isn't able to fetch user account information from my active directory which is because it's not using the kerberos credidentials to establish a gssapi connection.
So I set up shell/home information in /etc/passwd. No password. Passwords are still being retrieved from the domain controller via kerberos. Big surprise -> login works. If I now issue a ldapsearch with the filter it already tried before (but with no valid bind) "(&(objectclass=User)(msSFU30Name=testuser))" it starts a SASL/GSSAPI authentication and successfully fetches the needed information. Why doesn't ldap use gssapi on logins then.. or where can I tell it to use it? Couldn't find any suitable option in Yast nor the config files themselves. Oh and no I don't want to use a dedicated user with a locally stored plaintext password to search active directory :) might anyone please help? best regards Roman Sommer --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
