On 10/20/07, Abdullah Zahur <[EMAIL PROTECTED]> wrote: > Hi all. > I have been trying to set the Apache DS with Kerberos enabled. I am using > the original server.xml that comes with apacheds code with out any changes > and am using the Kerberos-example.ldif that also comes with the code.... > without modifications. > ...
It sounds like you need to un-comment the XML stanza that enables the KeyDerivationService in the server.xml. This service (interceptor) intercepts writes of the user password to automatically derive the keys required for Kerberos operation. With the interceptor enabled, you can either re-write the passwords using the LDAP protocol or you can delete your database and reload the principals via LDIF import. BTW, we have a users@ mailing list for user questions. Enrique
