Openfire + OpenLDAP + MIT Kerberos

I am looking to use Openfire in an environment that doesn’t use Active Directory as the Authentication Scheme.

In our environment we have:

  • OpenLDAP on Solaris (For VCards only)

  • MIT Kerberos on Solaris (Used for Auth)

  • Windows 2003 Server for OpenFire

I’m having a bugger of a time trying to get this combination to work. It doesn’t really matter the configuration I’m trying to put in place, OpenFire is trying to auth based on our LDAP server, and is not sending the authentication scheme to Kerb. A majority of our clients don’t support Kerberos (or at least, they don’t have KfW installed, and are not attached to a domain).

Has anybody been in this situation before? Is there any documentation to support this style of configuration?

There should not be any problems with this configuration, provided you know what you are doing. My best suggestion is to try the documentation and treat the whole setup as a Unix setup (even though you are using Windows for various things). KfW will not put the TGT or service tickets in the same place AD does unless the system is configured to join the domain, because of the way Windows configures things. That basically means the Unix API is used, and Java does support that. If you run into specific problems, just ask.