[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal-Openldap how to store principals?

    Take a look at this:


    and then post again if you still are in trouble. Of course, any 
comments are welcome.

    Best regards

Andrew Bacchi wrote:

>I have Openldap working, and Heimdal KDC working. But, not together.
>Can someone suggest where I'm going wrong?  Thanks.
>If I kinit as kadmin/admin, the KDC returns 
>kinit: krb5_get_init_creds: Client (kadmin/admin@RPI.EDU) unknown
>Yet if I do a kadmin -l get -t *, kadmin/admin is listed.
>I do not see kadmin/admin anywhere in the ldap database, is it supposed
>to be there?
>I have GSSAPI support in LDAP.
>ldapsearch -x -H ldap://ldap3.server.rpi.edu/ -b "" -s base -LLL
>supportedSASLMechanisms: GSSAPI
>supportedSASLMechanisms: DIGEST-MD5
>supportedSASLMechanisms: CRAM-MD5
>And krb5.conf looks like.
>        database = {
>        realm = RPI.EDU
>        dbname = ldap:ou=kerberos,dc=rpi,dc=edu
>        mkey_file = /var/heimdal/m-key
>        }