I've been trying for some time to change from NIS to LDAP. But, as
the first step, I just wanted to use the database backend "PASSWD"
to try everything out. After choosing that I needed to install and
configure SASL so that I had encryption for the all process. At that
time I had to choose some libsasl modules, so I installed gssapi-mit
and digestmd5-des. The first problem is that when doing a
'ldapsearch -x -b "" -s base -LLL supportedSASLMechanisms'
I only get the GSSAPI. Trying out the krb5 module (since the simpler
digestmd5-des can be used) and after configuring kerberos I realized
that I had to login THROUGH Kerberos (or doing kinit) before I could
use ldapsearch with sasl. But my objective with LDAP is to replace
NIS at login time so logging in with Kerberos ruins all my plans! To
login with Kerberos I have to add all users as principals. I still
want to maintain users and passwords in the passwd and shadow files
(at least for now).
I think I've misunderstood something in this process... even after
reading LOTS of howto's and LDAP's admin documentation.
Can anyone give me a hint of what I am missing here?
Thanks in advance,