@[email protected]<mailto:[email protected]>
I have setup kerberos + GSSAPI + Cyrus-SASL + OpenLDAP and it worked well. To setup this, I added slapd.conf in directory /etc/sasl2/ on centos as below, [dcos@kdc sasl2]$ cat slapd.conf keytab: /var/keytab/ldap.keytab mech_list: CRAM-MD5 DIGEST-MD5 GSSAPI So, how could I make similar configuration with ApacheDS? Thanks, Jared, (韦煜) Software developer Interested in open source software, big data, Linux ________________________________ From: Emmanuel Lécharny <[email protected]> Sent: Tuesday, February 7, 2017 3:37:23 PM To: [email protected] Subject: Re: Is it possible to use separate kerberos server with ApacheDS ldap server? Le 07/02/2017 à 08:20, Yu Wei a écrit : > Hi, > > > I setup MIT kerberos server and verified that it worked well. > > Could I use my MIT kerberos server with apacheds ldap server? Why not ? People routinely use OpenLDAP in parallel of a MIT kerberos server. ApacheDS is *just* a plain LDAP server, with an additional Kerberos Server using ApacheDS LDAP server as a storage system. > > How could I configure it? I don't know about the MIT server's configuration. You probably want to look for places describing how to make OpenLDAP a backend for a Kerberos server, and configure ApacheDS accordingly. -- Emmanuel Lecharny Symas.com directory.apache.org
