[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapadd and /etc/krb5.conf

To: openldap-software@OpenLDAP.org
Subject: Re: ldapadd and /etc/krb5.conf
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Wed, 02 Jul 2003 12:24:58 +0200
In-reply-to: <3EEF125F00002066@mail02.agrinet.ch> (ch@greenmail.ch's message of "Wed, 2 Jul 2003 10:33:15 +0200")
References: <3EEF125F00002066@mail02.agrinet.ch>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Hi,

"claus" <ch@greenmail.ch> writes:

> Hello,
>
> I wonder why the command
>   ldapadd -f /tmp/manager.ldif -Y GSSAPI
> gives the error
>   GSSAPI Error: Miscellaneous failure (Server not found in Kerberos database)
> if I do _not_ configure /etc/krb5.conf
>   [domain_realm]
>        .mycompany.com = <REALM>
>
> If I _do_ configure /etc/krb5.conf the command works fine.
>
> Is there a way to give "ldapadd" (and the other tools) on the command line
> the information contained in the "domain_realm" section. I think I tried
> every thing "-R" "-X" "-W" "-U". I do not knpow how to use/test "-O".

That is not a SASL nor an OpenLDAP issue, it is a krb5 issue.
If you don't specify domain_realm, krb5 considers host.domain.tld als
valid realm.
Read the Kerberos V5 System Administrator's Guide.

-Dieter
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de

References:
- ldapadd and /etc/krb5.conf
  - From: "claus" <ch@greenmail.ch>

Prev by Date: Re: differences between openldap and perl-ldap
Next by Date: web archive of openldap mailing list
Index(es):
- Chronological
- Thread