Hello,
i have a little problem with the 'KRB5CCNAME' environment variable. I set
the default_ccache_name to KEYRING:persistent:%{uid} but if i login it is
set to "file:/tmp/krb5cc_${uid}_XX" cause ssh sets the KRB5CCNAME
to file:/tmp/krb5cc_${uid}_XX...
I found a workaround with ad
> On 27 Sep 2016, at 15:20, Tina Harriott wrote:
>
>> On 16 September 2016 at 16:02, t Seeger wrote:
>> Hello,
>>
>> i have a little problem with the 'KRB5CCNAME' environment variable. I set
>> the default_ccache_name to KEYRING:persistent:%{
Hello,
I made a installer script to setup a Kerberos server with ldap backend. It is
for ubuntu or debian only. The script is not perfect and for testing, but
should guide you in the right direction. You can find it under:
https://wp.tntnet.eu/?p=112
Thorsten
Von meinem iPhone gesendet
> Am
Hello,
did you create the /etc/krb5kdc/kdc.conf file? The Kerberos Containern dn is
setup there (ldap_kerberos_container_dn). And you need to use 'cn' for the
container this change some versions ago.
[dbmodules]
LDAP = {
db_library = kldap
ldap_kerberos_container_dn = cn=KERBERO
d with the User
> and Machine entries, i.e. not in a seperate tree. So the idea for GSSAPI
> binding of users or machines will be to use authz?
>
> Thanks for the help,
> - lars.
>
>> Am 08.11.2016 um 08:58 schrieb t Seeger:
>> Hello,
>>
>> did you create t
Hello Lars,
I corrected a little bug in my script so please use the new version
https://wp.tntnet.eu/?p=112 . The bug is only a problem in a multimaster setup,
cause the keytab is not updated correctly.
- Thorsten
Von meinem iPhone gesendet
> Am 08.11.2016 um 08:58 schrieb t See
Hello,
please check what URI value is in '/etc/ldap/ldap.conf'. Are both set two
ldapi:///?
Thorsten
Von meinem iPhone gesendet
> Am 13.04.2017 um 12:57 schrieb Jaap Winius :
>
> Hi folks,
>
> My plan is to migrate away from three older Debian wheezy systems
> running MIT Kerberos 1.10.1+df
Hey Yegui,
I use a mutli master setup. For the sync I use openldap.
Greeting Thor
> On 2. Feb 2019, at 15:38, Yegui Cai wrote:
>
> Hi all.
> I know the official document recommend master-slave deployment for
> production environment.
> Wonder if any try to do a master-master deployment? If yes
that use multi-master KDCs also use
>>> multi-master LDAP replication, to avoid the SPOF.
>>>
>>> -Ben
>>>
>>>> On Sat, Feb 02, 2019 at 11:12:33AM -0500, Yegui Cai wrote:
>>>> Hi Thor.
>>>> So you have a shared ldap? If so
to Kerberos. Your script
> is definitely helpful.
> Thanks a lot!
> Yegui
>
>> On Sat, Feb 2, 2019 at 1:55 PM t Seeger wrote:
>> Hey,
>>
>> my deployment is a multimaster ldap / Kerberos Setup... i made a „Script“ to
>> install it on Debian/ubuntu
Hey Yegui,
I have just noticed that the script has a bug and does not run. I uploaded the
corrected version (0.13.3).
Greetings
Thor
> On 6. Feb 2019, at 13:56, Yegui Cai wrote:
>
> Awesome, thanks!
>
>> On Wed, Feb 6, 2019 at 2:32 AM t Seeger wrote:
>> Hey Yegui,
11 matches
Mail list logo