Re: configuring Heimdal <--> OpenLDAP interconnection
On Sun, 27 Feb 2005 19:28:19 +0500 (YEKT), Ilia Chipitsine
<ilia@paramon.ru> wrote:
> Dear Sirs,
>
> as far as I figured out, such an interconnection can be only done
> by using IPC (no clue why not to allow SSL connection to LDAP),
>
> so, I'm running OpenLDAP with "-h
> "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'"
>
> and socket itself is "/var/run/openldap/ldapi".
> However, I encountered errors with populating database, kadmin says:
>
> sol# kadmin -l
> kadmin> init CHEL.SKBKONTUR.RU
> Realm max ticket life [unlimited]:
> Realm max renewable ticket life [unlimited]:
> kadmin: kadm5_create_principal: ldap_add_s: Can't contact LDAP server
> sol#
>
> I guess it expects the socket in a different location. How can I specify the socket
> in krb5.conf? I found no examples.
>
> Also, nothing was written to logs:
>
> [logging]
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmin.log
> default = FILE:/var/log/krb5lib.log
>
> Do I have to specify something else in order to detect the exact reason?
>
Last time I took a look at the Heimdal code the location of the socket
was hard wired, and Heimdal expected it to be at /var/lib/ldapi, so
you must change the OpenLDAP configuration to match this value.
Best regards
Jose
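
Added example, not part of the thread or of Heimdal/OpenLDAP: a shell check that a `slapd -h` listener string includes an `ldapi://` URL for the socket path named in the reply above. The function names are hypothetical, and `/var/lib/ldapi` is taken from the reply's recollection of the Heimdal source, so confirm it against the version in use.

```shell
#!/bin/sh
# Socket path the reply says Heimdal expects (assumption taken from the thread).
EXPECTED_SOCK=/var/lib/ldapi

# Encode a socket path as an ldapi:// URL: every "/" in the path becomes %2F.
ldapi_url() {
    printf 'ldapi://%s/\n' "$(printf '%s' "$1" | sed 's|/|%2F|g')"
}

# Decode the socket path from one ldapi:// URL (accepts %2f or %2F).
# "ldapi:///" decodes to an empty string: slapd then uses its compiled-in
# default path, which this script does not try to resolve.
ldapi_path() {
    printf '%s' "$1" | sed -e 's|^ldapi://||' -e 's|/$||' -e 's|%2[fF]|/|g'
}

# Return 0 if the space-separated listener list ($1) has an ldapi:// URL
# whose decoded socket path equals $2, otherwise return 1.
listeners_have_socket() {
    for url in $1; do
        case $url in
            ldapi://*)
                [ "$(ldapi_path "$url")" = "$2" ] && return 0
                ;;
        esac
    done
    return 1
}

# Listener string from the question above, reused here as sample input.
ASKED='ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/'
if listeners_have_socket "$ASKED" "$EXPECTED_SOCK"; then
    echo "slapd listens on $EXPECTED_SOCK"
else
    echo "no ldapi listener on $EXPECTED_SOCK; add $(ldapi_url "$EXPECTED_SOCK") to slapd -h"
fi
```
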