On Mon, 06 Dec 2010 18:31:37 +0100 Thomas Sailer <[email protected]> wrote:
> On Mon, 2010-12-06 at 10:55 -0500, Simo Sorce wrote: > > Hi Simo, > > thanks for your response! > > > We are seeing an issue with F14 DS where it has been built against > > opneldap libraries while we still have plugins built against > > mozldap. > > Where would that help? > just for the ipa-getkeytab reliability issue? Yes, that is probably a side effect of the problem we're solving. > Because after the kerberos keys are in the client's keytab, how is > ldap even involved in the nfs issues? Keys are stored in ldap and asn.1 encoding is generated using ldap libraries before storing it. If that operation fails it may generate malformed entries that the KDC later can't properly decode. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
