kadmin (heimdal port) ignores the ldap backend

fandino fandino at ng.fadesa.es
Wed Jun 1 03:17:40 PDT 2005


  I'm testing a new configuration with heimdal and the ldap backend,
but kadmin is completely ignoring the ldap directive in the dbname.

The last cvsup of the ports was yesterday, and LDAP was defined in
the heimdal port config:

root at damocles:/usr/ports/security/heimdal# make showconfig
===> The following configuration options are set for heimdal-0.6.3_2:
      LDAP=on "Use OpenLDAP as the KDC backend"
      CRACKLIB=on "Use CrackLib for password quality checking"
      X11=on "Build X11 utilies

And indeed it's linked with ldap, as you can see:

# ldd /usr/local/sbin/kadmin
         libldap-2.2.so.7 => /usr/local/lib/libldap-2.2.so.7 (0x2812c000)
         liblber-2.2.so.7 => /usr/local/lib/liblber-2.2.so.7 (0x2818a000)

When the realm is initialized, kadmin creates a couple of files with the literal
dbname definition (adding ldap: as filename prefix) instead of contacting
the openldap server.

# /usr/local/sbin/kadmin -l
kadmin> init OLIMPUS
Realm max ticket life [unlimited]:
Realm max renewable ticket life [unlimited]:
# ls -l
-rw-------  1 root  wheel  32768 May 31 10:19 ldap:ou=gods,dc=olimpus.db
-rw-------  1 root  wheel   7584 May 31 10:19 ldap:ou=gods,dc=olimpus.log

Does anyone know what I'm missing?

Thank you.


# cat /etc/krb5.conf
[libdefaults]
     default_realm = OLIMPUS
     default_etypes_des = des3-cbc-sha1
     default_etypes = des3-cbc-sha1

[realms]
     OLIMPUS = {
         kdc = localhost.olimpus
         admin_server = localhost.olimpus
     }

[domain_realm]
     .olimpus = OLIMPUS

[kdc]
     database = {
         realm = OLIMPUS
         dbname = ldap:ou=gods,dc=olimpus
         mkey_file = /var/heimdal/m-key
     }

[logging]
     kdc = SYSLOG
     admin_server = SYSLOG
     default = SYSLOG

More information about the freebsd-ports mailing list
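
A check for the symptom described in the post, as an added example that is not part of the original message: it reads the dbname values from a krb5.conf-style file and lists any files in a directory whose names begin with a literal ldap: dbname, meaning the database was written locally instead of to the directory server. The function names are assumptions, and the sample config and files in demo are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): find Heimdal database files
# that were created with a literal "ldap:..." dbname as their file name.

# Print every dbname value found in a krb5.conf-style file, one per line,
# with surrounding whitespace removed.
dbnames() {
    sed -n 's/^[[:space:]]*dbname[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p' "$1"
}

# For each dbname in config $1 that starts with "ldap:", print the names of
# files in directory $2 that begin with that exact string (for example the
# .db and .log files shown in the post). Prints nothing if there are none.
literal_ldap_files() {
    conf=$1 dir=$2
    dbnames "$conf" | while IFS= read -r name; do
        case $name in
            ldap:*) ;;          # only LDAP-style dbnames are of interest
            *) continue ;;
        esac
        for f in "$dir/$name".*; do
            # An unmatched glob stays literal, so test for existence.
            if [ -e "$f" ]; then
                printf '%s\n' "${f##*/}"
            fi
        done
    done
}

# Constructed demo: a minimal config and the two file names from the post,
# created in a temporary directory (no real KDC data is touched).
demo() {
    tmp=$(mktemp -d "${TMPDIR:-/tmp}/hdbcheck.XXXXXX") || return 1
    printf '[kdc]\n  database = {\n    dbname = ldap:ou=gods,dc=olimpus\n  }\n' \
        > "$tmp/krb5.conf"
    : > "$tmp/ldap:ou=gods,dc=olimpus.db"
    : > "$tmp/ldap:ou=gods,dc=olimpus.log"
    literal_ldap_files "$tmp/krb5.conf" "$tmp"
    rm -rf "$tmp"
}

demo
```

Any file it reports is a local copy of the realm database or its log and should be handled as key material, not left in the directory where kadmin happened to be started.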