On Tue, May 30, 2006 at 04:31:37PM +0200, Bernd Schubert wrote: > Hi, > > if I run on the failover system 'kinit ldapadmin-h2' syncreply works - until > the ticket experies. After the ticket is expired or if I didn't get a ticket > via kinit, syncreply fails. > How can I make slapd to get a ticket itself?
It won't. You need to arrange some cron job to do this for the ldap user. You will need also to extract the principal's key into a keytab and use it as an argument to kinit in that cronjob, something like "kinit -k -t /foo/bar/ldap.keytab" (for MIT's kinit, Heimdal's syntax may be different).