I have setted openldap+sasl+kerberos. It is working but the keberos realm is not seted in the bind dn, why?
Here is my session:
sioux@gustav$ ldapsearch -Y GSSAPI -b "" -s base -LLL supportedSASLMechanisms SASL/GSSAPI authentication started SASL username: sioux@UFV.BR SASL SSF: 56 SASL data security layer installed. dn: supportedSASLMechanisms: OTP supportedSASLMechanisms: NTLM supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: CRAM-MD5
sioux@gustav$
Here is what i got from slapd err output :
... ... ... do_bind: dn () SASL mech GSSAPI slap_sasl_getdn: u:id converted to uid=sioux,cn=GSSAPI,cn=auth
dnNormalize: <uid=sioux,cn=GSSAPI,cn=auth>
<<< dnNormalize: <uid=sioux,cn=gssapi,cn=auth> ==>slap_sasl2dn: converting SASL name uid=sioux,cn=gssapi,cn=auth to a DN <==slap_sasl2dn: Converted SASL name to <nothing> SASL Authorize [conn=1001]: proxy authorization allowed authzDN="" send_ldap_sasl: err=0 len=-1 do_bind: SASL/GSSAPI bind: dn="uid=sioux,cn=gssapi,cn=auth" sasl_ssf=56 send_ldap_response: msgid=3 tag=97 err=0 ber_flush2: 14 bytes to sd 13 ... ... ...
Any ideia about what is going on ?