Same error after upgrading krb5 packages from 1.12+dfsg-2ubuntu5.3 to 1.12+dfsg-2ubuntu5.4.
Adding a principal in a subtree outside the realm container fails. Realm container DN is "cn=TEST.EXAMPLE.COM,cn=krbContainer,dc=example,dc=com" But realm has subtree "dc=example,dc=com", with scope = SUB: # kdb5_ldap_util -D "cn=admin,dc=example,dc=com" -H ldap://ldapserver.example.com view -r TEST.EXAMPLE.COM Realm Name: TEST.EXAMPLE.COM Subtree: dc=example,dc=com SearchScope: SUB So I should add a principal anywhere in "dc=example,dc=com" , e.g. "ou=People,dc=example,dc=com" . -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1817955 Title: Getting new "DN is out of the realm subtree" error on adding principal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1817955/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
