
Re: ldap <--> heimdal again



On Mon, Mar 14, 2005 at 09:19:26AM +0500, Ilia Chipitsine wrote:
> >one thing you could try, is putting a link in /var/run to the ldapi
> >socket that should be located in /usr/local/var/run/ ..
> 
> what I am looking for is the _way_ of solving such things.
> turning on debugging/verbose information.

	I use:

/etc/rc.conf:
# LDAP
slapd_enable="YES"
slapd_flags='-d 255 -h "ldapi:/// ldap:/// ldaps:///"'
slapd_sockets="/var/run/openldap/ldapi"

	See below..

> 
> "guessing" and "trying" are pretty useless.
> 
> >
> >Jonathan Higgins
> >IT R&D Project Manager
> >Kennesaw State University
> >jhiggins@kennesaw.edu
> >
> >>>>Ilia Chipitsine <ilia@paramon.ru> 03/13/05 4:14 AM >>>
> >Dear Sirs,
> >
> >I again tried to configure heimdal against OpenLDAP.
> >I'm using FreeBSD-5.2.1 and I have installed heimdal from ports
> >collection.
> >
> >1) how can I specify path to the socket openldap is listening on ?

	In /etc/rc.conf ( FreeBSD box )

> >
> >2) I configured /etc/krb5.conf according to online manual (I attached
> >config), but I see strange things in logs. I attached logs as well.
> >It seems that it's expecting /var/heimdal/kdc.conf, where can I find
> >information on configuring that file ?

	I configured the kdc in /etc/krb5.conf

[kdc]
    database = {
        realm = UNICAMP.BR
        dbname = ldap:ou=kerberos,dc=yyyy,dc=xx
        mkey_file = /xxxx/heimdal/m-key
        acl_file = /xxxx/heimdal/kdc.acl
        log_file = /xxxx/heimdal/db.log
    }


> >
> >3) It seems that heimdal cannot find ldap configuration. What did I do
> >wrong ?

	You can create a link to /etc/ldap.conf

	ln -s /usr/local/etc/openldap/ldap.conf /etc/ldap.conf

> >
> >4) when I tried to initialize database

	Include the following ACL for installation

	access to *
        by sockurl="ldapi:///" write
	
> >
> >sol# kadmin -l
> >kadmin> init CHEL.SKBKONTUR.RU
> >Realm max ticket life [unlimited]:
> >Realm max renewable ticket life [unlimited]:
> >kadmin: kadm5_create_principal: ldap_add_s: Can't contact LDAP server
> >sol#
> >
> >it seems there are errors, but how can I make it more verbose ?
> >I see nothing strange in logs, so I've no idea what did I do wrong.
> >Somebody, please, enlighten me, how can I turn on debugging ?
> >
> >Cheers,
> >Ilia Chipitsine
> >
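
Added example, not part of the original thread: the installation-time ACL quoted above matches on the listener URL only, so every client that can open the ldapi socket gets write access to the whole tree. The sketch below audits a slapd.conf for rules of that shape so they can be narrowed once `kadmin init` has run. The sample fragment and the DN `uid=heimdal,dc=yyyy,dc=xx` are constructed placeholders, and the parser assumes simple `by <who> <level>` clauses without spaces inside quoted values.

```python
import re

# Constructed sample: the ACL from the message plus a narrower rule for
# comparison. The uid=heimdal DN is a hypothetical placeholder.
SAMPLE_SLAPD_CONF = '''\
# constructed slapd.conf fragment
access to *
        by sockurl="ldapi:///" write

access to dn.subtree="ou=kerberos,dc=yyyy,dc=xx"
        by dn.exact="uid=heimdal,dc=yyyy,dc=xx" write
        by * none
'''

WRITE_LEVELS = {"write", "manage"}
ACCESS_RE = re.compile(r'access\s+to\s+(\S+)\s+(.*)')
BY_RE = re.compile(r'\bby\s+(\S+)\s+(\S+)')


def logical_lines(text):
    """Join slapd.conf continuation lines (a line that starts with
    whitespace continues the previous one); skip blanks and comments."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out


def broad_socket_rules(text):
    """Return (what, who, level) for every rule that grants write or
    higher on the whole tree based only on the listener socket URL."""
    findings = []
    for line in logical_lines(text):
        m = ACCESS_RE.match(line)
        if not m:
            continue
        what, rest = m.groups()
        for who, level in BY_RE.findall(rest):
            if what == "*" and who.startswith("sockurl") and level in WRITE_LEVELS:
                findings.append((what, who, level))
    return findings


if __name__ == "__main__":
    for what, who, level in broad_socket_rules(SAMPLE_SLAPD_CONF):
        print(f"review: 'access to {what} by {who} {level}' trusts the socket alone")
```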