The is used to perform all processing related to SASL GSSAPI authentication using Kerberos V5. ds-cfg-gssapi-sasl-mechanism-handler ds-cfg-sasl-mechanism-handler org.opends.server.extensions.GSSAPISASLMechanismHandler Specifies the realm that should be used for GSSAPI authentication. The server will attempt to determine the realm from the underlying system configuration. ds-cfg-realm Specifies the address of the KDC that should be used for Kerberos processing. If provided, this should be a fully-qualified DNS-resolvable name. The server will attempt to determine the KDC address from the underlying system configuration. ds-cfg-kdc-address Specifies the path to the keytab file that should be used for Kerberos processing. If provided, this should be either an absolute path or one that is relative to the server instance root. The server will attempt to use the system-wide default keytab. ds-cfg-keytab Specifies the DNS-resolvable fully-qualified domain name for the system. The server will attempt to dynamically determine the fully-qualified domain name. ds-cfg-server-fqdn Specifies the name of the identity mapper that should be used to match the Kerberos principal to a user entry. ds-cfg-identity-mapper