Thank's for all the help, after all it's running. I thing it has something to do with my Ansible-script an the order I installed the packages and set up the configuration. I reinstalled all servers from scratch and now it looks like this: -------------- root@ldap01:~# ldapsearch -x -H ldapi:/// -b "" -LLL -s base supportedSASLMechanisms dn: supportedSASLMechanisms: SCRAM-SHA-1 supportedSASLMechanisms: SCRAM-SHA-256 supportedSASLMechanisms: GSS-SPNEGO supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: EXTERNAL supportedSASLMechanisms: OTP supportedSASLMechanisms: CRAM-MD5 supportedSASLMechanisms: PLAIN supportedSASLMechanisms: LOGIN -------------- Again, thank you all for the help, several tips got me to the point.
Stefan Am 17.12.21 um 16:34 schrieb Stefan Kania: > Hello to all, > > I'm trying to get GSSAPI authentication running with the symas-packages. > I generated a ldap.keytab file and it's readable for the ldap-user > running the slapd. With the Debian-packages I ad: > --------- > export KRB5_KTNAME="/path/to/ldap.keytab" > --------- > > I don't want to use the system keytab /etc/krb5.keytab. How do I tell > slapd from the symas-packages to use my service-keytab? > > I try to add to my /etc/default/symas-openldap: > --------- > KRB5_KTNAME="/path/to/ldap.keytab > --------- > but it's not working. > > Stefan > >
smime.p7s
Description: S/MIME Cryptographic Signature
