[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

newbie problem initializing realm with ldap backend

hi, i'm following http://www.openinput.com/auth-howto/index.html 
skipping posix Accounts and Groups creation (for now).

Realm max ticket life [unlimited]:
Realm max renewable ticket life [unlimited]:
kadmin: kadm5_create_principal: ldap_add_s: default@conosurseguros.cl 
Invalid syntax

after hours of reading and re-doing everything from zero i keep getting 
this syntax error.... how can i know where is it? _please_

i created that ou= using:
# Kerberos only principals (admin accounts, hosts,...)
dn: ou=kerberos,dc=conosurseguros,dc=cl
objectClass: organizationalUnit
objectClass: top
ou: kerberos
description: Kerberos only principals

krb5-kdc.schema from:

and my krb5.conf is:
         ticket_lifetime = 600
         default_realm = CONOSURSEGUROS.CL
         default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
         default_etypes_des = des3-hmac-sha1 des-cbc-crc des-cbc-md5

                 kdc = kerberos.conosur.0:88
                 admin_server = kerberos.conosur.0:749

         .conosur.0 = CONOSURSEGUROS.CL
         conosur.0 = CONOSURSEGUROS.cl

         database = {
                 realm = CONOSURSEGUROS.CL
                 dbname = ldap:ou=kerberos,dc=conosurseguros,dc=cl
                 mkey_file = /var/heimdal/m-key

     kdc = FILE:/var/heimdal/logs/kdc.log
     admin_server = FILE:/var/heimdal/logs/admin.log
     default = FILE:/var/heimdal/logs/heimdal.log

Thanks in advance,
Alejandro Mery