On Nov 28, 2007 11:29 PM, Spark Shen <[EMAIL PROTECTED]> wrote: > I did not find document about how to add client/server information to kdc > server , > would any one give me a hand? Thanks in advance. > ...
I think the best doc we currently have is for configuring SASL GSSAPI, since a subset of configuring SASL GSSAPI is configuring Kerberos principals, so the docs are pretty good here: http://directory.apache.org/apacheds/1.5/howto-do-sasl-gssapi-authentication-to-apacheds.html You can skip ahead to steps 12-14, in which you (#12) enable the Kerberos protocol, (#13) enable the Key Derivation interceptor, and then (#14) load an LDIF file. You load principals using standard LDAP means, so you can also use the LDAP protocol. Though, for getting started, an LDIF file is pretty straightforward. In that doc is a link to an LDIF showing how to format an LDIF file: http://directory.apache.org/apacheds/1.5/howto-do-sasl-gssapi-authentication-to-apacheds.data/sasl-gssapi-example.ldif The rest of your config looks OK. Enrique
