Trouble with ldap backend..
- To: heimdal-discuss@sics.se
- Subject: Trouble with ldap backend..
- From: jay alvarez <kerber0sb0y@yahoo.com>
- Date: Tue, 16 May 2006 22:00:29 -0700 (PDT)
- In-Reply-To: <m2iro9bvik.fsf@nutcracker.wtf.stacken.kth.se>
- Sender: owner-heimdal-discuss@sics.se
Hi,
I already have a working heimdal with ldap backend..
However, I have some confusions..
First, when I run kadmin -l and do some stuff like
removing a principal, there is a log file created in
the current working directory that looks like this:
ldap:ou=krb5accounts,o=example,dc=com.log
in my krb5.conf...
[logging]
kdc = FILE:/var/heimdal/logs/krb5kdc.log
admin_server = FILE:/var/heimdal/logs/kadmin.log
kdc = SYSLOG
admin_server = SYSLOG
default = SYSLOG
-------------------
[kdc]
database = {
acl_file = /var/heimdal/kadmind.acl
mkey_file = /var/heimdal/m-key
dbname = ldap:ou=krb5accounts,o=example,dc=com
require-preauth = true
allow-anonymous = false
# enable-http = false
check-ticket-addresses = true
allow-null-ticket-addresses = false
allow-anonymous = false
kdc_warn_pwexpire = 7 days
logging = SYSLOG
encode_as_rep_as_tgs_rep = true
--------------------------
That logfile created during the kadmin session... I
guess I haven't specified it correctly in my
krb5.conf.. or should it be set somewhere else?
Second problem..
I tried reinstalling openldap and heimdal on another
machine.. created a dn (ou=krb5accounts) where my
principals will be stored under, copied the same
config files (slapd.conf, krb5.conf etc. with some
modifications) from the old machine, then ran the
slapd with ldapi:///...
and then ran kstash...
kadmin -l
then init our realm...
tried adding a principal... and it worked.
However when I tried ldapsearch my directory,
ou=krb5accounts contains nothing.. On the same
directory where I run kadmin, now I can see another
file aside from the logfile.
The same filename but ending in .db:
ldap:ou=krb5accounts,o=example,dc=com.db
I tried deleting it(.db) and issued a "list *", and
then it says opening database: dbopen
(ldap:ou=krb5accounts,o=example,dc=com): No such file
or directory..
How can this be... heimdal didn't actually store my
principals in my ldap directory, but instead in that
db file.
Help. I wanted to eliminate that logfile created
every time I have a kadmin session and also that .db
file... I want to store my principals in ldap and not
in that db file...
Thanks..