Am Fri, 20 Dec 2019 20:54:13 +0100 schrieb Stefan Kania stefan@kania-online.de:
Hello,
I try to do the authentication in LDAP via Kerberos. The Kerberos-Database is in LDAP, no problem, I can login to the system as a normal user but when I do a "ldapwhomami" I get the following output: ----------------- u1-verw@ldapserver:~$ ldapwhoami SASL/GSSAPI authentication started SASL username: u1-verw@EXAMPLE.NET SASL SSF: 256 SASL data security layer installed. dn:uid=u1-verw,cn=gssapi,cn=auth
I would like to get the original DN from the user not the dn:*,cn=gssapi,cn=auth. So I put into my configuration:
[...]
I face the same problem with OpenIndiana. To my experience it's only GSSAPI, DIGEST-MD5 and CRAM-MD5 work as expected. But I must admit, it is only on Solaris not on Linux.
-Dieter