Hello Lars,
I corrected a little bug in my script so please use the new version
https://wp.tntnet.eu/?p=112 . The bug is only a problem in a multimaster setup,
cause the keytab is not updated correctly.
- Thorsten
Von meinem iPhone gesendet
> Am 08.11.2016 um 08:58 schrieb t Seeger
Hello,
You can add the principals under the users cn this is possible too. You just
need to specify the dn of the user, while adding it.
For GSSAPI I use the olcAuthzRegexp to transfer to the ldap objects. My
userPassword attribute looks like: {SASL}username@REALM.
-Thorsten
Von meinem
ldap_kerberos_container_dn = cn=KERBEROS,dc=microsult,dc=de made it
succeed.This is however not mentioned in the HOWTO.From the documentation of
-subtree I thought that the Principals would somehow be stored with the User
and Machine entries, i.e. not in a seperate tree. So the idea for GSSAPI
Hello,
did you create the /etc/krb5kdc/kdc.conf file? The Kerberos Containern dn is
setup there (ldap_kerberos_container_dn). And you need to use 'cn' for the
container this change some versions ago.
[dbmodules]
LDAP = {
db_library = kldap
ldap_kerberos_container_dn =
Am 07.11.2016 um 15:06 schrieb Todd Grayson:
> From that error message you need to provide the schema file for the
> kerebros ldap objects to your directory instance. Can we assume you
> followed top down the instructions from here?
>
> https://help.ubuntu.com/lts/serverguide/kerberos-ldap.html
>From that error message you need to provide the schema file for the
kerebros ldap objects to your directory instance. Can we assume you
followed top down the instructions from here?
https://help.ubuntu.com/lts/serverguide/kerberos-ldap.html
On Sat, Nov 5, 2016 at 3:03 PM, Dr. Lars Hanke
I had a brief look at the scripts - well, the idea to understand the
relevant parts and reproduce on my own seems laborous at least. I guess
I'll set up a VM, install your system and try to understand, what it did.
Thank you,
- lars.
Am 06.11.2016 um 11:25 schrieb t Seeger:
> Hello,
>
> I
Hello,
I made a installer script to setup a Kerberos server with ldap backend. It is
for ubuntu or debian only. The script is not perfect and for testing, but
should guide you in the right direction. You can find it under:
https://wp.tntnet.eu/?p=112
Thorsten
Von meinem iPhone gesendet
> Am
I'm currently setting up a new KDC for a new domain. I also have a shiny
new LDAP. I want Kerberos to use LDAP as backend. LDAP connectivity is
fine, there is no specific data in it yet.
Trying to create the Kerberos container, I get the following error:
kdb5_ldap_util -D