Hi,<br> We are currently trying to use OpenLDAP as the database for Kerberos in our lab.<br>We installed OpenLDAP in Ubuntu 10.04 and is working without any problem (i,e. queries are showing the correct results)<br>But we are not able to get Kerberos authenticate via OpenLDAP. <br>

<br>For authenticating via OpenLDAP, the principles needs to be rewritten (using authz-policy and authz-regexp). We know how to do<br>that in older version of OpenLDAP which had (slapd.conf) but don&#39;t know how to do the same in new OpenLDAP which has slapd.d directory instead.<br>

The manuals also doesn&#39;t say anything on this issue.<br><br>We did the following for testing authentication via Kerberos:<br><div style="margin-left: 40px;"><br>kinit username; ldapsearch -H ldaps://<a href="http://server.example.com">server.example.com</a> <br>

<br></div>And we got this result:<br><br><div style="margin-left: 40px;">SASL/DIGEST-MD5 authentication started<br>Please enter your password: <br>ldap_sasl_interactive_bind_s: Invalid credentials (49)<br>    additional info: SASL(-13): user not found: no secret in database<br>

</div><br>We just want to perform this:<br><br>authz-policy from<br>authz-regexp<br>     uid=(.*),cn=<a href="http://example.com">example.com</a>,cn=GSSAPI,cn=auth<br>     uid=$1,ou=people,dc=example,dc=com<br><br>We think adding this in slapd.conf should serve the purpose. Any suggestions/help is highly appreciated.<br clear="all">

<br>-- <br><span style="font-family: arial,helvetica,sans-serif;">Sarath</span> <br style="font-family: arial,helvetica,sans-serif;"><span style="font-family: arial,helvetica,sans-serif;"></span><br><br>