Heimdal-Openldap how to store principals?
I have OpenLDAP working, and Heimdal KDC working, but not together.
Can someone suggest where I'm going wrong? Thanks.
If I kinit as kadmin/admin, the KDC returns
kinit: krb5_get_init_creds: Client (kadmin/admin@RPI.EDU) unknown
Yet if I do a kadmin -l get -t *, kadmin/admin is listed.
I do not see kadmin/admin anywhere in the ldap database, is it supposed
to be there?
I have GSSAPI support in LDAP.
ldapsearch -x -H ldap://ldap3.server.rpi.edu/ -b "" -s base -LLL supportedSASLMechanisms
dn:
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
And krb5.conf looks like.
[kdc]
    database = {
        realm = RPI.EDU
        dbname = ldap:ou=kerberos,dc=rpi,dc=edu
        mkey_file = /var/heimdal/m-key
    }
--
Facade: Provide a unified interface to a set of interfaces in a
subsystem.
Andrew Bacchi
Staff Systems Programmer
Rensselaer Polytechnic Institute
phone: 518 276-6415 fax: 518 276-2809
http://www.rpi.edu/~bacchi/