ODSEE - Configuring SASL/GSSAPI Authentication Against a Kerberos Provider
(Doc ID 1364537.1)
Last updated on OCTOBER 31, 2019
Applies to:Oracle Directory Server Enterprise Edition - Version 18.104.22.168.0 and later
Oracle Solaris on x86 (32-bit)
Oracle Solaris on SPARC (64-bit)
Oracle Solaris on x86-64 (64-bit)
Oracle Solaris on SPARC (32-bit)
***Checked for relevance on 13-05-2013***
This document provides current instructions on configuring the Solaris or Linux release of the 11.gR1 version of the ODSEE to use SASL with the GSSAPI Authentication mechanism against a kerberos authentication provider. This can be used to map a valid Kerberos request to a directory entry for successful bind to the ODSEE.
This document covers the initial setup and configuration steps, including pointers to key documentation as well as supporting KM notes that can assist when attempting this type of configuration. It assumes working kerberos, as well as name services (DNS, NIS, etc.), are in place on the target systems for setup.
The first place to start is with the ODSEE documentation on the setup and configuration as well, and use these documents for clarification and requirements on Linux.
Before getting started, please see "Using Kerberos SASL GSSAPI in Clients"
This document supplements that discussion and offers detail on configuring the Directory server.
In this document Kerberos services are assumed to be working and configured on the hosts for testing on.
Please review the links into the Solaris Administration Guide from the ODSEE GSSAPI checklist for setting up and configuring Kerberos servers and clients for Solaris environments, or review the appropriate Linux documentation (such as the Redhat guide for configuring Kerberos servers and clients) for the specific configuration steps for Linux.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document