[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapadd and /etc/krb5.conf

To: openldap-software@OpenLDAP.org
Subject: Re: ldapadd and /etc/krb5.conf
From: "claus" <ch@greenmail.ch>
Date: Wed, 2 Jul 2003 13:28:03 +0200

OK ... after reading some things become clear :-)

I see that the "strange" behaviour was sort of a hazard 
due to my stupid settings and I have to streamline some things
in naming and cross certification of my 2 realms :-)

Thanx a lot,
Claus

From: "Dieter Kluenter" <dieter@dkluenter.de>
> Hi,
>
>"claus" <ch@greenmail.ch> writes:
>
>> Hello,
>>
>> I wonder why the command
>>   ldapadd -f /tmp/manager.ldif -Y GSSAPI
>> gives the error
>>   GSSAPI Error: Miscellaneous failure (Server not found in Kerberos database)
>> if I do _not_ configure /etc/krb5.conf
>>   [domain_realm]
>>        .mycompany.com = <REALM>
>>
>> If I _do_ configure /etc/krb5.conf the command works fine.
>>
>> Is there a way to give "ldapadd" (and the other tools) on the command
line
>> the information contained in the "domain_realm" section. I think I tried
>> every thing "-R" "-X" "-W" "-U". I do not knpow how to use/test "-O".
>
>That is not a SASL nor an OpenLDAP issue, it is a krb5 issue.
>If you don't specify domain_realm, krb5 considers host.domain.tld als
>valid realm.
>Read the Kerberos V5 System Administrator's Guide.
>
>-Dieter
>-- 
>Dieter Kluenter  | Systemberatung
>Tel:040.64861967 | Fax: 040.64891521
>mailto: dkluenter(at)dkluenter.de
>http://www.avci.de

Prev by Date: web archive of openldap mailing list
Next by Date: Re: web archive of openldap mailing list
Index(es):
- Chronological
- Thread