[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Heimdal-Openldap how to store principals?

I have Openldap working, and Heimdal KDC working. But, not together.
Can someone suggest where I'm going wrong?  Thanks.

If I kinit as kadmin/admin, the KDC returns 
kinit: krb5_get_init_creds: Client (kadmin/admin@RPI.EDU) unknown

Yet if I do a kadmin -l get -t *, kadmin/admin is listed.

I do not see kadmin/admin anywhere in the ldap database, is it supposed
to be there?

I have GSSAPI support in LDAP.

ldapsearch -x -H ldap://ldap3.server.rpi.edu/ -b "" -s base -LLL
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5

And krb5.conf looks like.

        database = {
        realm = RPI.EDU
        dbname = ldap:ou=kerberos,dc=rpi,dc=edu
        mkey_file = /var/heimdal/m-key

Facade: Provide a unified interface to a set of interfaces in a

Andrew Bacchi
Staff Systems Programmer
Rensselaer Polytechnic Institute
phone: 518 276-6415  fax: 518 276-2809