upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-10 14:23:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Rework Kerberos principals (ITS#2695)

Browse source
This commit is contained in:
Kurt Zeilenga 2003-10-13 03:18:17 +00:00
parent 6aff66cf67
commit 53081446ed
1 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
doc/guide/admin/sasl.sdf
View file

@ -192,18 +192,17 @@ command option.
For the purposes of authentication and authorization, {{slapd}}(8)
associates a non-mapped authentication request DN of the form:
> uid=<principal>,cn=<realm>,cn=gssapi,cn=auth
> uid=<primary[/instance]>,cn=<realm>,cn=gssapi,cn=auth
Continuing our example, a user
with the Kerberos principal {{EX:kurt@EXAMPLE.COM}} would have
the associated DN:
Continuing our example, a user with the Kerberos principal
{{EX:kurt@EXAMPLE.COM}} would have the associated DN:
> uid=kurt,cn=example.com,cn=gssapi,cn=auth
and the principal {{EX:ursula@FOREIGN.REALM}} would have the
and the principal {{EX:ursula/admin@FOREIGN.REALM}} would have the
associated DN:
> uid=ursula,cn=foreign.realm,cn=gssapi,cn=auth
> uid=ursula/admin,cn=foreign.realm,cn=gssapi,cn=auth
H3: DIGEST-MD5