From: cajus Date: Fri, 17 Nov 2006 06:16:09 +0000 (+0000) Subject: Change kerberos handling X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=86a711656454b20d8a60d45e595ca65eefd809fe;p=gosa.git Change kerberos handling git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5142 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/FAQ b/FAQ index b1fe2285c..16dc268c9 100644 --- a/FAQ +++ b/FAQ @@ -338,3 +338,10 @@ Q: Is there a way to let GOsa automatically fill missing fields in the network A: Sure. You can specify the "autoconf" option and provide the contributed script "net-resolver.sh" in your gosa.conf. If this is configured, you're getting an additional button in each network dialog. + + +Q: New implementations of OpenLDAP seem to require {sasl} instead of {kerberos} + in password hashes. GOsa writes the wrong string. What can I do? + +A: You can set "krbsasl" to "true" in your gosa.conf's main section. + diff --git a/include/class_config.inc b/include/class_config.inc index 339eca51f..0672d0704 100644 --- a/include/class_config.inc +++ b/include/class_config.inc @@ -300,6 +300,17 @@ class config { $this->current['PASSWORD']= $referral['PASSWORD']; } + /* Possibly load kerberos style */ + if (isset($this->current['KRBSASL'])){ + if (preg_match('/^(yes|true)$/i', $this->current['KRBSASL'])){ + $this->current['KRBSASL']= "sasl"; + } else { + $this->current['KRBSASL']= "kerberos"; + } + } else { + $this->current['KRBSASL']= "kerberos"; + } + /* Load server informations */ $this->load_servers(); } diff --git a/include/class_password-methods-kerberos.inc b/include/class_password-methods-kerberos.inc index e66ebbba9..03d935ac6 100644 --- a/include/class_password-methods-kerberos.inc +++ b/include/class_password-methods-kerberos.inc @@ -62,7 +62,7 @@ class passwordMethodkerberos extends passwordMethod kadm5_destroy($handle); - $newpass= "{kerberos}".$this->attrs['uid'][0]."@".$cfg['REALM']; + $newpass= "{".$this->config->current['KRBSASL']."}".$this->attrs['uid'][0]."@".$cfg['REALM']; return $newpass; }