Hi Jeremy,
Thanx, that did the trick. Now I can continue with Cyrus etc.
Greetz,
Arnoud
Jeremy Thomas Hunt <[EMAIL PROTECTED]>
16-02-2006 00:23
To
[EMAIL PROTECTED]
cc
kerberos@mit.edu
Subject
Re: kerberos+sasl+openldap
Hi Arnoud,
Use of DNS is controlled via krb5.conf
Hi Arnoud,
Use of DNS is controlled via krb5.conf, with three directives. I looked
at the MIT man page for krb5.conf. Note that this is different to the
man page from vendors such as Sun, you should be looking at the file
/krb5/man/man5/krb5.conf.5. In any case these directives are described
Hi,
I recently started to install a central authentication server with
openldap, kerberos, sasl etc on a test server for starters. I installed
kerberos, but when I try to start kinit it returns an error stating:
kinit(v5): Cannot resolve network address for KDC in requested realm while
getting
here is my pam config :)
when I login with ssh or login, I have a ticket :)
The last problem for me it's with idmapd and openldap because the
schema is not valid, but I try to modify this schema
I'm writing a howto on my wiki, actually only configuration file, at
http://www.kakou.org/mediawiki/in
Keep in mind that http://www.citi.umich.edu/projects/nfsv4/crossrealm/
is experimental. I'm interested in problems you have with ldap v2
though.
So are you saying that you are now using pam_krb5 for login
authentication? (What does your pam config file look like?)
You should contact [EMAIL PROT
Now all is ok, I have kerb and next ldap in my system-auth, ldap in
nsswitch, and I can login with kerb and account information are storage
in the ldap.
Before, I tries to connect (auth+account), with ldap and SASL (for auth
via kerb), and I wanted a ticket, but now I know that this is
impossible (
[EMAIL PROTECTED] wrote:
> Yes, It's the first solution that I have tried.
> login->pam_krb5->kerberos + ldap for account
>
> And I would to test the login->pam_ldap->openldap->SASL->kerberos just
> for fun :)
> with this way, all client can connect to the server with ldap (no need
> of kerbero
On 2006-02-10 15:16:07 +0100, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> said:
> Yes, It's the first solution that I have tried.
> login->pam_krb5->kerberos + ldap for account
>
> And I would to test the login->pam_ldap->openldap->SASL->kerberos just
> for fun :)
> with this way, all client can con
Yes, It's the first solution that I have tried.
login->pam_krb5->kerberos + ldap for account
And I would to test the login->pam_ldap->openldap->SASL->kerberos just
for fun :)
with this way, all client can connect to the server with ldap (no need
of kerberos). Kerberos client can supplementary have
>
> I try to install openldap+SASL+kerberos, I can login in with pam_ldap
> and the authentification is make with kerberos via SASL, But I must do
> a kinit to have a ticket (idem when I log in with ssh).
> How to have a ticket at login??
>
> login->pam_ldap->openldap->SASL->kerberos
>
This way t
Hello,
I try to install openldap+SASL+kerberos, I can login in with pam_ldap
and the authentification is make with kerberos via SASL, But I must do
a kinit to have a ticket (idem when I log in with ssh).
How to have a ticket at login??
login->pam_ldap->openldap->SASL->kerberos
Thanks
__
[EMAIL PROTECTED] wrote:
> I try to install openldap+SASL+kerberos, I can login in with pam_ldap
> and the authentification is make with kerberos via SASL, But I must do
> a kinit to have a ticket (idem when I log in with ssh).
> How to have a ticket at login??
>
> login->pam_ldap->openldap->SASL-
12 matches
Mail list logo
