Wes Modes wrote:
That is very close, though I'll make one minor correction. From Samba to OpenLDAP via TLS uses smbldap-tools and doesn't need SASL. SASL with the GSSAPI mechanism will be what is used when the LDAP server asks the Kerberos KDC if the password is valid.Jeffrey Altman wrote:Let me rephrase what you are attempting to do. You want to authenticate the LDAP query from the Samba client to the OpenLDAP server by sending a username and password from Samba to OpenLDAP over a TLS protected connection using SASL.Instead of the LDAP server storing the password and using that for authentication, you want to have the LDAP server ask the Kerberos KDC if the password is valid.Please confirm that this is your desire.-- Wes Modes Server Administrator & Programmer Analyst McHenry Library Computing & Network Services Information and Technology Services 459-5208
smime.p7s
Description: S/MIME Cryptographic Signature
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
