I am trying to use OpenLDAP to store the Kerberos database. I'm using
1.9.3 on Fedora 16. My /etc/krb5.conf looks like this:

[logging]
  default = FILE:/var/log/krb5libs.log
  kdc = FILE:/var/log/krb5kdc.log
  admin_server = FILE:/var/log/kadmind.log

[libdefaults]
  dns_lookup_realm = false
  dns_lookup_kdc = true
  ticket_lifetime = 24h
  renew_lifetime = 7d
  forwardable = yes
  default_realm = ENDOFRAME.NET

[realms]
  ENDOFRAME.NET = {
    kdc = kerberos.endoframe.net
    admin_server = kerberos.endoframe.net
    default_domain = endoframe.net
    database_module = openldap_ldapconf
  }

[domain_realm]
  endoframe.net = ENDOFRAME.NET
  .endoframe.net = ENDOFRAME.NET

[dbdefaults]
  ldap_kerberos_container_dn = dc=endoframe,dc=net

[dbmodules]
  openldap_ldapconf {
    db_library = kldap
    ldap_kdc_dn = "cn=Manager,dc=endoframe,dc=net"
    ldap_kadmind_dn = "cn=Manager,dc=endoframe,dc=net"
    ldap_service_password_file = /var/kerberos/krb5kdc/service.keyfile
  }

When I try to run kdb5_ldap_util, it complains of an error in the file:

# kdb5_ldap_util -D cn=Manager,dc=endoframe,dc=net create -subtrees dc=endoframe,dc=net -r ENDOFRAME.NET -s -H ldap://ldap.endoframe.net
kdb5_ldap_util: Improper format of Kerberos configuration file while initializing Kerberos code

One thing I am very likely doing wrong is the
ldap_service_password_file. What is the format of this file supposed to
be? Am I correct in my impression that my LDAP RootPW is what goes into
this file?
--
Braden McDaniel <[email protected]>
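
Added example, not part of the original post and not MIT's profile parser: a simplified Python check of the basic krb5.conf grammar (section headers, `tag = value`, `tag = {` ... `}`), run over a constructed sample trimmed from the configuration above. The name `lint_profile` and its messages are hypothetical; on the sample it reports the `[dbmodules]` subsection line, which opens a brace block without an `=`.

```python
import re

# Constructed sample: lines trimmed from the krb5.conf posted above.
SAMPLE = """\
[realms]
ENDOFRAME.NET = {
kdc = kerberos.endoframe.net
database_module = openldap_ldapconf
}
[dbmodules]
openldap_ldapconf {
db_library = kldap
ldap_kdc_dn = "cn=Manager,dc=endoframe,dc=net"
}
"""

SECTION = re.compile(r"^\[[^\]]+\]$")

def lint_profile(text):
    """Return (line_number, message) for each line that breaks the basic
    grammar. Simplified: does not model every feature of the real parser."""
    problems, depth, in_section = [], 0, False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                              # blank line or comment
        if line.split()[0] in ("include", "includedir"):
            continue                              # directives take no '='
        if SECTION.match(line):
            if depth:
                problems.append((n, "section header inside an unclosed '{' block"))
            depth, in_section = 0, True
            continue
        if line == "}":
            if depth == 0:
                problems.append((n, "'}' without a matching '{'"))
            depth = max(depth - 1, 0)
            continue
        if not in_section:
            problems.append((n, "relation before any [section] header"))
        tag, eq, value = line.partition("=")      # split at the first '=' only
        if not eq or not tag.strip():
            problems.append((n, "expected 'tag = value' or 'tag = {'"))
        # Track the brace even on a malformed line so the error is reported once.
        if (value.strip() == "{") if eq else line.endswith("{"):
            depth += 1
    if depth:
        problems.append((len(text.splitlines()), "unclosed '{' block at end of file"))
    return problems
```
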