[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-questions
Subject:    kadmin (heimdal port) ignores the ldap backend
From:       fandino <fandino () ng ! fadesa ! es>
Date:       2005-05-31 12:00:10
Message-ID: 429C51CA.3060900 () ng ! fadesa ! es
[Download RAW message or body]

Hello,

  I'm testing a new configuration with heimdal and the ldap backend
but kadmin is completely ignoring the ldap directive in the dbname
definition.

last cvsup of the ports was yesterday and LDAP was defined in
the heimdal port config:

root@damocles:/usr/ports/security/heimdal# make showconfig
===> The following configuration options are set for heimdal-0.6.3_2:
      LDAP=on "Use OpenLDAP as the KDC backend"
      CRACKLIB=on "Use CrackLib for password quality checking"
      X11=on "Build X11 utilies

and indeed it's linked with ldap as you can see:

# ldd /usr/local/sbin/kadmin
/usr/local/sbin/kadmin:
	....
         libldap-2.2.so.7 => /usr/local/lib/libldap-2.2.so.7 (0x2812c000)
         liblber-2.2.so.7 => /usr/local/lib/liblber-2.2.so.7 (0x2818a000)
	....

when the realm is initied kadmin creates a couple of files with the literal
dbname definition (adding ldap: as filename prefix) instead of contacting
the openldap server.

# /usr/local/sbin/kadmin -l
kadmin> init OLIMPUS
Realm max ticket life [unlimited]:
Realm max renewable ticket life [unlimited]:
# ls -l
...
-rw-------  1 root  wheel  32768 May 31 10:19 ldap:ou=gods,dc=olimpus.db
-rw-------  1 root  wheel   7584 May 31 10:19 ldap:ou=gods,dc=olimpus.log
...

anyone knows what I'm missing?


Thank you.

	/---------/

# cat /etc/krb5.conf
[libdefaults]
     default_realm = OLIMPUS
     default_etypes_des = des3-cbc-sha1
     default_etypes = des3-cbc-sha1

[appdefaults]

[realms]
     OLIMPUS = {
         kdc = localhost.olimpus
         admin_server = localhost.olimpus
     }

[domain_realm]
     .olimpus = OLIMPUS

[kdc]
     database = {
     realm = OLIMPUS
     dbname = ldap:ou=gods,dc=olimpus
     mkey_file = /var/heimdal/m-key
}

[logging]
     kdc = SYSLOG
     admin_server = SYSLOG
     default = SYSLOG
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic