I run several openldap's; one central master and several slaves. It all works fine on SL5. While we don't run production kerberos servers on SL5 anymore I often bring up a kerberos server to investigate problems encountered when using our centrally provided kerberos server and it's trival to do and easy to setup on SL5. nfs4, not a clue. Jon Clark wrote: > Hello all, > > We are currently setting up a new SL5 server and ideally we would like > to use openldap and kerberos to provide centralised user authentication > (and NFSv4 to share out central home spaces). Has anybody successfully > done this (or similar) using a SL5 server? Did you find any useful on > line tutorials on the subject? > > We have done quite a lot of googling and tried to follow this tutorial: > > http://aput.net/~jheiss/krbldap/howto.html > > We have kerberos working, openldap working, but unfortunately we fail > when trying to use them together: > > [root@testServer ldap-config]# ldapsearch -H > ldap://testServer.shef.ac.uk/ -b dc=somas,dc=org > SASL/GSSAPI authentication started > ldap_sasl_interactive_bind_s: Invalid credentials (49) > additional info: SASL(-13): authentication failure: GSSAPI > Failure: gss_accept_sec_context > > > When we have googled this error, we found it mentioned a lot but no > solutions given. So we're a bit stuck! > > Anyone know of a tutorial they are prepared to share? > > Regards, > Jon > -- --------------------------------------------------------- Faye Gibbins, Computing Officer (Infrastructure Services) GeoS KB; Linux, Unix, Security and Networks. Beekeeper - The Apiary Project, KB - www.bees.ed.ac.uk --------------------------------------------------------- I grabbed at spannungsbogen before I knew I wanted it. (x(x_(X_x(O_o)x_x)_X)x) The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.