newbie problem initializing realm with ldap backend
Hi, I'm following http://www.openinput.com/auth-howto/index.html
skipping POSIX accounts and groups creation (for now).
But:
kadmin> init CONOSURSEGUROS.CL
Realm max ticket life [unlimited]:
Realm max renewable ticket life [unlimited]:
kadmin: kadm5_create_principal: ldap_add_s: default@conosurseguros.cl
(dn=cn=default@conosurseguros.cl,ou=kerberos,dc=conosurseguros,dc=cl)
Invalid syntax
After hours of reading and redoing everything from zero I keep getting
this syntax error... How can I find out where it is? _please_
I created that ou= using:
# Kerberos only principals (admin accounts, hosts,...)
dn: ou=kerberos,dc=conosurseguros,dc=cl
objectClass: organizationalUnit
objectClass: top
ou: kerberos
description: Kerberos only principals
krb5-kdc.schema from:
http://www.stanford.edu/services/directory/openldap/configuration/krb5-kdc.schema
and my krb5.conf is:
[libdefaults]
    ticket_lifetime = 600
    default_realm = CONOSURSEGUROS.CL
    default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
    default_etypes_des = des3-hmac-sha1 des-cbc-crc des-cbc-md5

[realms]
    CONOSURSEGUROS.CL = {
        kdc = kerberos.conosur.0:88
        admin_server = kerberos.conosur.0:749
    }

[domain_realm]
    .conosur.0 = CONOSURSEGUROS.CL
    conosur.0 = CONOSURSEGUROS.cl

[kdc]
    database = {
        realm = CONOSURSEGUROS.CL
        dbname = ldap:ou=kerberos,dc=conosurseguros,dc=cl
        mkey_file = /var/heimdal/m-key
    }

[logging]
    kdc = FILE:/var/heimdal/logs/kdc.log
    admin_server = FILE:/var/heimdal/logs/admin.log
    default = FILE:/var/heimdal/logs/heimdal.log

Thanks in advance,
Alejandro Mery