Re: Heimdal-Openldap how to store principals?

[Jose Gonzalez Gomez <jgonzalez@opentechnet.com>]

    Andrew,

Andrew Bacchi wrote:

>Jose,
>
>I have been following your HowTo all along, thanks for the great info. 
>I am stuck at section 6.2.2, init EXAMPLE.COM.  You say, "This should
>have created several entries in our LDAP directory under the system
>branch.", I don't see them under any branch.  Does Kerberos create these
>accounts as would an LDIF?
>  
>
    Yes, the init command creates those entries. If the entries don't 
get created you must have something wrong in your environment. (There's 
a typo there, it should say kerberos branch instead of system branch).

>I have Heimdal configured with:
>configure --prefix=%{heimdalprefix}
>	--with-openldap=/var/ldap/etc/openldap/ --disable-berkeley-db
>  
>
>Is this OK?
>  
>
    Unfortunately I use Gentoo, so I don't know what compile options are 
being used. I guess they are right... anyway, input on this issue is 
welcome to be included in the howto. If I have time I will investigate 
this to include this information in the howto.

>Also, I can see the server listening on the Unix Socket.  But are there
>possible permission problems?
>unix  2      [ ACC ]     STREAM     LISTENING     469921
>/var/ldap/var/run/ldapi
>
>  
>
    Maybe... take a look at the OpenLDAP logs. Heimdal uses the unix 
socket to connect, so you should see logs of the connection being made. 
Could you post the content of your logs?

    Best regards
    Jose