1This directory contains the "kinit" slapd module. It is a simple plugin to 2have slapd request a Kerberos TGT and keep it renewed as long as slapd is 3running. 4 5The current implementation has only been tested against the MIT variant of 6the Kerberos libraries. (Heimdal support might come later) 7 8To use the overlay just load it into the slapd process: 9 10 moduleload </path/to>/kinit.so <principal> </path/to/key.tab> 11 12The module accepts two arguments. The first one being the principal for which 13to request the TGT (it defaults to "ldap/<your hostname>@<DEFAULTREALM>") 14and the second one is the path to the keytab file to use for 15authentication, defaulting to whatever your system wide kerberos settings 16default to). 17 18Use Makefile or the following commands should work to 19build it from inside the unpacked slapd sources, provided the required KRB5 20header files and libraries are installed on your system: 21 22 gcc -fPIC -c -I ../../../include/ -I ../../../servers/slapd kinit.c 23 gcc -shared -o kinit.so kinit.o -lkrb5 24 25--- 26This work is part of OpenLDAP Software <http://www.openldap.org/>. 27 28Copyright 2010-2021 The OpenLDAP Foundation. 29 30Redistribution and use in source and binary forms, with or without 31modification, are permitted only as authorized by the OpenLDAP 32Public License. 33 34A copy of this license is available in the file LICENSE in the 35top-level directory of the distribution or, alternatively, at 36<http://www.OpenLDAP.org/license.html>. 37