Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 62634 invoked from network); 24 Oct 2007 19:26:44 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Oct 2007 19:26:44 -0000 Received: (qmail 34949 invoked by uid 500); 24 Oct 2007 19:26:31 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 34712 invoked by uid 500); 24 Oct 2007 19:26:31 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 34701 invoked by uid 99); 24 Oct 2007 19:26:30 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Oct 2007 12:26:30 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of enriquer9@gmail.com designates 209.85.146.183 as permitted sender) Received: from [209.85.146.183] (HELO wa-out-1112.google.com) (209.85.146.183) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Oct 2007 19:26:35 +0000 Received: by wa-out-1112.google.com with SMTP id m38so406791waf for ; Wed, 24 Oct 2007 12:26:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=Ecx7tzTy3CaOUhG4DtT9ln7R2vNgH09Fua1H9tc8Ybk=; b=AttgfNs/u3zRGQGjJUwUkwl0UKfdgLkkO1TDfRs2Cz1chiKDh0CktPQe3BHI210/10W+453vTn4pJOqaWDi6s3Ar0KXdNA8SG+t6r06uz2claSwue0PfmLgbPfEYA6D3vMwhlZK+Mj885k0J3sj6ASjPfggbdP6NcDlRuXRsnZU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=H0uXbxJmSCO6EKGSVeA7gTFvQKmxyZzPSV3O9LxQtfLJwodxgQs7i2VoJatMDPwu9UK+pgq+yjeS+X1G1KyVJZlQ45zy4oZxnxoTZ7DxY7kkVDwn4ID7knMuyVtbLa9dV4m9ipXcDQISYobmY/la+ben5J+tLACOUnC/kMc5Mh8= Received: by 10.115.54.1 with SMTP id g1mr1043164wak.1193253972282; Wed, 24 Oct 2007 12:26:12 -0700 (PDT) Received: by 10.115.60.6 with HTTP; Wed, 24 Oct 2007 12:26:12 -0700 (PDT) Message-ID: <568753d90710241226t6438f1bcj7188698788cf76e2@mail.gmail.com> Date: Wed, 24 Oct 2007 12:26:12 -0700 From: "Enrique Rodriguez" Reply-To: erodriguez@apache.org To: "Apache Directory Developers List" Subject: Re: Apache DS latest code from the trunks 1.5.1x In-Reply-To: <596005.7917.qm@web51004.mail.re2.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <596005.7917.qm@web51004.mail.re2.yahoo.com> X-Virus-Checked: Checked by ClamAV on apache.org On 10/20/07, Abdullah Zahur wrote: > Hi all. > I have been trying to set the Apache DS with Kerberos enabled. I am using > the original server.xml that comes with apacheds code with out any changes > and am using the Kerberos-example.ldif that also comes with the code.... > without modifications. > ... It sounds like you need to un-comment the XML stanza that enables the KeyDerivationService in the server.xml. This service (interceptor) intercepts writes of the user password to automatically derive the keys required for Kerberos operation. With the interceptor enabled, you can either re-write the passwords using the LDAP protocol or you can delete your database and reload the principals via LDIF import. BTW, we have a users@ mailing list for user questions. Enrique