
Re: Heimdal-Openldap how to store principals?




    Take a look at this:

       http://www.opentechnet.com/auth-howto/

    and then post again if you still are in trouble. Of course, any 
comments are welcome.

    Best regards
    Jose

Andrew Bacchi wrote:

>I have Openldap working, and Heimdal KDC working. But, not together.
>Can someone suggest where I'm going wrong?  Thanks.
>
>If I kinit as kadmin/admin, the KDC returns 
>kinit: krb5_get_init_creds: Client (kadmin/admin@RPI.EDU) unknown
>
>Yet if I do a kadmin -l get -t *, kadmin/admin is listed.
>
>I do not see kadmin/admin anywhere in the ldap database, is it supposed
>to be there?
>
>I have GSSAPI support in LDAP.
>
>ldapsearch -x -H ldap://ldap3.server.rpi.edu/ -b "" -s base -LLL supportedSASLMechanisms
>dn:
>supportedSASLMechanisms: GSSAPI
>supportedSASLMechanisms: DIGEST-MD5
>supportedSASLMechanisms: CRAM-MD5
>
>And krb5.conf looks like.
>
>[kdc]
>        database = {
>        realm = RPI.EDU
>        dbname = ldap:ou=kerberos,dc=rpi,dc=edu
>        mkey_file = /var/heimdal/m-key
>        }
>
>  
>