[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapadd and /etc/krb5.conf

OK ... after reading some things become clear :-)

I see that the "strange" behaviour was sort of a hazard 
due to my stupid settings and I have to streamline some things
in naming and cross certification of my 2 realms :-)

Thanx a lot,

From: "Dieter Kluenter" <dieter@dkluenter.de>
> Hi,
>"claus" <ch@greenmail.ch> writes:
>> Hello,
>> I wonder why the command
>>   ldapadd -f /tmp/manager.ldif -Y GSSAPI
>> gives the error
>>   GSSAPI Error: Miscellaneous failure (Server not found in Kerberos database)
>> if I do _not_ configure /etc/krb5.conf
>>   [domain_realm]
>>        .mycompany.com = <REALM>
>> If I _do_ configure /etc/krb5.conf the command works fine.
>> Is there a way to give "ldapadd" (and the other tools) on the command
>> the information contained in the "domain_realm" section. I think I tried
>> every thing "-R" "-X" "-W" "-U". I do not knpow how to use/test "-O".
>That is not a SASL nor an OpenLDAP issue, it is a krb5 issue.
>If you don't specify domain_realm, krb5 considers host.domain.tld als
>valid realm.
>Read the Kerberos V5 System Administrator's Guide.
>Dieter Kluenter  | Systemberatung
>Tel:040.64861967 | Fax: 040.64891521
>mailto: dkluenter(at)dkluenter.de