Rework Kerberos principals (ITS#2695)

author Kurt Zeilenga <kurt@openldap.org>

Mon, 13 Oct 2003 03:18:17 +0000 (03:18 +0000)

committer Kurt Zeilenga <kurt@openldap.org>

Mon, 13 Oct 2003 03:18:17 +0000 (03:18 +0000)
author Kurt Zeilenga <kurt@openldap.org>
Mon, 13 Oct 2003 03:18:17 +0000 (03:18 +0000)
committer Kurt Zeilenga <kurt@openldap.org>
Mon, 13 Oct 2003 03:18:17 +0000 (03:18 +0000)
diff --git a/doc/guide/admin/sasl.sdf b/doc/guide/admin/sasl.sdf

index 20b55a824713c639a905a8804775accbb6fdf78b..76b6cec9bbafd8fde0e41cbb53b2ce74b1ba7fe3 100644 (file)
--- a/doc/guide/admin/sasl.sdf
+++ b/doc/guide/admin/sasl.sdf
@@ -192,18 +192,17 @@ command option.
  For the purposes of authentication and authorization, {{slapd}}(8)
  associates a non-mapped authentication request DN of the form:
  
->      uid=<principal>,cn=<realm>,cn=gssapi,cn=auth
+>      uid=<primary[/instance]>,cn=<realm>,cn=gssapi,cn=auth
  
-Continuing our example, a user
-with the Kerberos principal {{EX:kurt@EXAMPLE.COM}} would have
-the associated DN:
+Continuing our example, a user with the Kerberos principal
+{{EX:kurt@EXAMPLE.COM}} would have the associated DN:
  
  >      uid=kurt,cn=example.com,cn=gssapi,cn=auth
  
-and the principal {{EX:ursula@FOREIGN.REALM}} would have the
+and the principal {{EX:ursula/admin@FOREIGN.REALM}} would have the
  associated DN:
  
->      uid=ursula,cn=foreign.realm,cn=gssapi,cn=auth
+>      uid=ursula/admin,cn=foreign.realm,cn=gssapi,cn=auth
  
  
  H3: DIGEST-MD5
author	Kurt Zeilenga <kurt@openldap.org>
	Mon, 13 Oct 2003 03:18:17 +0000 (03:18 +0000)
committer	Kurt Zeilenga <kurt@openldap.org>
	Mon, 13 Oct 2003 03:18:17 +0000 (03:18 +0000)