On Fri, Sep 6, 2013 at 10:25 AM, Christian Felsing <[email protected]> wrote:
> Hello,
>
> what is the right way to set up necessary principals in ApacheDS?
> kadmin does not work until principals are available but kadmin is needed
> to set up them...
>
> kadmin protocol is not supported by ApacheDS, but here is what you can do
to
enable Kerberos in the server
1. enable the KeyDerivationInterceptor
* goto the entry
ads-interceptorId=keyDerivationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
* set ads-enabled to TRUE
2. go to the entry
ads-serverId=kerberosServer,ou=servers,ads-directoryServiceId=default,ou=config
and change the value of ads-searchBaseDN according to your need
3. restart the server
4. inject the entries
Usability of ApacheDS suffers from lack of documentation. At least there
> should be instructions how to set up LDAP structure for Kerberos. I am
> sure that kadmin would work if all necessary LDAP entries would be
> available.
>
> ya, we know, all of our plates are full
> bets regards
> Christian
>
--
Kiran Ayyagari
http://keydap.com
