
Re: configuring Heimdal <--> OpenLDAP interconnection



On Sun, 27 Feb 2005 19:28:19 +0500 (YEKT), Ilia Chipitsine
<ilia@paramon.ru> wrote:
> Dear Sirs,
> 
> as far as I figured out, such an interconnection can be only done
> by using IPC (no clue why not to allow SSL connection to LDAP),
> 
> so, I'm running OpenLDAP with "-h
> "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'"
> 
> and socket itself is "/var/run/openldap/ldapi".
> However, I encountered errors with populating database, kadmin says:
> 
> sol# kadmin -l
> kadmin> init CHEL.SKBKONTUR.RU
> Realm max ticket life [unlimited]:
> Realm max renewable ticket life [unlimited]:
> kadmin: kadm5_create_principal: ldap_add_s: Can't contact LDAP server
> sol#
> 
> I guess, it expects socket in different location. How can I specify socket
> in krb5.conf ? I found no examples.
> 
> Also, nothing was written to logs:
> 
> [logging]
>           kdc = FILE:/var/log/krb5kdc.log
>           admin_server = FILE:/var/log/kadmin.log
>           default = FILE:/var/log/krb5lib.log
> 
> did I have to specify something else in order to detect exact reason ?
> 
Last time I took a look at the Heimdal code the location of the socket
was hard wired, and Heimdal expected it to be at /var/lib/ldapi, so
you must change the OpenLDAP configuration to match this value.

Best regards
Jose
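
Added example, not part of the original messages and not code from Heimdal or OpenLDAP: a shell check that compares the `ldapi://` listener in a `slapd -h` list against the socket path the reply says Heimdal expects, and prints the percent-encoded URL to use when they differ. The path `/var/lib/ldapi` is taken from the reply as stated; the function names are hypothetical.

```shell
#!/bin/sh
# Socket path Heimdal expects, as stated in the reply above (assumption:
# verify it against the Heimdal version actually installed).
HEIMDAL_SOCKET="/var/lib/ldapi"

# Build an ldapi:// URL from a socket path by percent-encoding every "/".
ldapi_url() {
    printf 'ldapi://%s/\n' "$(printf '%s' "$1" | sed 's|/|%2f|g')"
}

# Recover the socket path from an ldapi:// URL (accepts %2f and %2F).
ldapi_path() {
    printf '%s\n' "$1" | sed -e 's|^ldapi://||' -e 's|/$||' -e 's|%2[fF]|/|g'
}

# Return 0 if any ldapi:// URL in a space-separated "slapd -h" list
# binds the expected socket path, 1 otherwise.
listener_matches() {
    expected=$1
    for url in $2; do
        case $url in
            ldapi://*)
                if [ "$(ldapi_path "$url")" = "$expected" ]; then
                    return 0
                fi
                ;;
        esac
    done
    return 1
}

# Listener list from the original post; it binds /var/run/openldap/ldapi.
POSTED='ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/'

if listener_matches "$HEIMDAL_SOCKET" "$POSTED"; then
    echo "slapd already listens on $HEIMDAL_SOCKET"
else
    echo "socket mismatch; start slapd with:"
    echo "  -h \"$(ldapi_url "$HEIMDAL_SOCKET") ldap://0.0.0.0/\""
fi
```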