ports/159943: openldap slapd ignores rc.conf slapd_krt5_ktname
Harry Coin
harrycoin at aol.com
Sun Aug 21 19:50:09 UTC 2011
The following reply was made to PR ports/159943; it has been noted by GNATS.
From: Harry Coin <harrycoin at aol.com>
To: bug-followup at FreeBSD.org, harrycoin at aol.com
Cc:
Subject: Re: ports/159943: openldap slapd ignores rc.conf slapd_krt5_ktname
Date: Sun, 21 Aug 2011 14:46:33 -0500
Some corrections to the above.
1. The last paragraph in 'how to repeat' should be ignored. Somehow I
cut it but it got posted anyhow.
2. In the workaround, delete the last two graphs, replace krb5.conf
instead of krb5.keytab. Should be:
use ktutil remove -k /etc/krb5.host.keytab ldap (and anything else
other than the host/... keys). Use kadmin to create /etc/krb5.keytab
with only the ldap/... key in it, then chown ldap:ldap /etc/krb5.keytab.
Restart kerberos and slapd.
ldapwhoami then works once again, and the host key is separate from
the ldap key.
More information about the freebsd-ports-bugs
mailing list