Page created: 26 Jul 2021
|
Page updated: 14 Jan 2022
Directory Server's utilities all support SASL GSSAPI
options for systems using Kerberos as its main authentication mechanism. The following
procedure shows how to use dsreplication with SASL GSSAP to set up a
new replication.admin
identity while enabling replication on a
server.
Note:
A separate Kerberos identity is required to manage replication. Existing Kerberos credentials can be used to interact with the server when enabling replication and creating the new identity.
The new identity, such as replication.admin
, must not exist as the
cn
or uid
value under any public base
distinguished name (DN).