[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Heimdal/OpenLDAP/Samba howto and bugreport
>>>setting ldap:o=skool as the searchdn will find both students and
>>Is the same true for
>Heimdal is not a user administration tool. It is a kerberos server, and
>the reason you are using OpenLDAP, is to allow other (more suitable)
>tools to be your user administration tools.
>So, the answer is to simply create your users with some other tool, and
>have heimdal set kerberos keys on the existing entry. The
>hdb-ldap-create-base should perhaps never be used - but for things like
>a 'init MY.REALM' in kadmin -l, it's useful to put these somewhere other
>than the root.
That's quite clear, however in the given example of having users in
different organizational units shall I need to use as the
hdb-ldab-create-base parameter the basedn of the ldap server for init
MY.REALM or shall I init it multiple times.