directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez" <enriqu...@gmail.com>
Subject Re: [kerberos] How to add client/server information into kerberos database
Date Thu, 29 Nov 2007 21:23:21 GMT
On Nov 28, 2007 11:29 PM, Spark Shen <smallsmallorgan@gmail.com> wrote:
> I did not find document about how to add client/server information to kdc
> server ,
> would any one give me a hand? Thanks in advance.
> ...

I think the best doc we currently have is for configuring SASL GSSAPI,
since a subset of configuring SASL GSSAPI is configuring Kerberos
principals, so the docs are pretty good here:

http://directory.apache.org/apacheds/1.5/howto-do-sasl-gssapi-authentication-to-apacheds.html

You can skip ahead to steps 12-14, in which you (#12) enable the
Kerberos protocol, (#13) enable the Key Derivation interceptor, and
then (#14) load an LDIF file.  You load principals using standard LDAP
means, so you can also use the LDAP protocol.  Though, for getting
started, an LDIF file is pretty straightforward.  In that doc is a
link to an LDIF showing how to format an LDIF file:

http://directory.apache.org/apacheds/1.5/howto-do-sasl-gssapi-authentication-to-apacheds.data/sasl-gssapi-example.ldif

The rest of your config looks OK.

Enrique

Mime
View raw message