nss_ldap using sasl with gssapi. Kerberos credentials cache problem

Howard Wilkinson howard at cohtech.com
Tue Sep 12 16:29:03 UTC 2006

I have been installing nss_Ldap for sasl connections to a Windows 2003 
R2 infrastructure and run into some problems. It turns out that the 
package distributed with FC5 and in development have an incorrect option 
set with the configuration for the configuration file feature 
krb5_ccname to work.

The configure line currently uses --enable-configurable-krb5-ccname 
which does not do anything useful. It should either read 
--enable-configurable-krb5-ccname-env or 
--enable-configurable-krb5-ccname-gssapi to make this work. I have 
chosen the second as the first does not confer any advantage in allowing 
the environment to override in the current implementation.

Without this setting then the calling environment must have a credential 
cache set up for the code to work - the behaviour of both the nscd and 
the general calling environment give local errors when there is not 
credentials cache defined.

Howard Wilkinson





Coherent Technology Limited





23 Northampton Square,





London, United Kingdom, EC1V 0HL




howard at cohtech.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20060912/8542ce80/attachment.htm>

More information about the fedora-devel-list mailing list