[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

how to use a different keytab file than /etc/krb5.keytab?

I've searched the web, google, read manual pages but couldn't find
an answer to this.

I'm running openldap as a non-root user and need it to be able to
read a keytab file in order to use gssapi. I don't want it to
have read access to /etc/krb5.keytab, which has other credentials
in it besides the ldap one. So I created /etc/openldap/slapd.keytab,
but I can't find a way to tell the heimdal libraries to use that
file instead of the default /etc/krb5.keytab.

With MIT I just have to export KRB5_KTNAME=/etc/openldap/slapd.keytab,
is there a similar way with heimdal?

Versions I'm using: