Package: krb5-kdc-ldap
Version: 1.8.1+dfsg
Severity: important
User: [email protected]
Usertags: debian-edu
Hi,
a bunch of very usefull service commands like create_service,
modify_service, view_service etc. are missing from kdb5_ldap_util.
To test, execute:
r...@tjener:~# kdb5_ldap_util
Usage: kdb5_ldap_util [-D user_dn [-w passwd]] [-H ldapuri] cmd [cmd_options]
create [-subtrees subtree_dn_list] [-sscope search_scope] [...]
modify [-subtrees subtree_dn_list] [-sscope search_scope] [...]
view [-r realm]
destroy [-f] [-r realm]
list
stashsrvpw [-f filename] service_dn
create_policy [-r realm] [-maxtktlife max_ticket_life]
modify_policy [-r realm] [-maxtktlife max_ticket_life]
view_policy [-r realm] policy
destroy_policy [-r realm] [-force] policy
list_policy [-r realm]
>From the man page you wounder, because there are much more commands listed:
create_service, modify_service, view_service, destroy_service, ...
Supposed reason: kdb5_ldap_util is compiled missing edirectory support i.e.
configured without "--with-edirectory" which is needed to make above
commands available. In the source:
krb5-1.8.1+dfsg/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
krb5-1.8.1+dfsg/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c
the relevant code is included in #ifdef HAVE_EDIRECTORY, but in debian/rules
"--with-edirectory" is missing (cmp. src/configure).
It would be great if these commands could be enabled before the freeze
of squeeze. We plan to switch to kerberos authentication in debian-edu
and the commands would tremendously simplify our kdc-ldap setup during
installation.
If I can help to make this possible let me know.
Thanks,
Andi
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.34-rc5-nouveau.git (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
