krb5-1.6.3 with LDAP backend on Solaris 10

Robert Wirstrom robw at mizuhocap.com
Tue Nov 6 10:10:15 EST 2007 

Hi,

I have successfully compiled (./configure --with-ldap --enable-dns 
--without-krb4) and installed krb5-1.6.3 on Solaris 10. And I am able to 
create the realm using kdb5_ldap_util, but when I try to run kadmin or 
krb5kdc it gives me:

"krb5kdc: cannot initialize realm `REALM` - see log file for details"

bash-3.00# cat /var/log/kadmind.log
Oct 19 10:54:03 boon kadmind[684](Error): Unable to find requested 
database type while initializing, aborting
Oct 19 11:02:02 boon kadmind[708](Error): Unable to find requested 
database type while initializing, aborting

Running truss reveals that kldap.so does indeed get opened:

-----
time()                                          = 1193426650
stat("/usr/local/lib/krb5/plugins/kdb/kldap", 0xFFBFF6A0) Err#2 ENOENT
stat("/usr/local/lib/krb5/plugins/kdb/kldap.so", 0xFFBFF6A0) = 0
stat("/usr/local/lib/krb5/plugins/kdb/kldap.so", 0xFFBFF168) = 0
resolvepath("/usr/local/lib/krb5/plugins/kdb/kldap.so", 
"/usr/local/lib/krb5/plugins/kdb/kldap.so", 1023) = 40
open("/usr/local/lib/krb5/plugins/kdb/kldap.so", O_RDONLY) = 5
mmap(0x00010000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_ALIGN, 5, 0) 
= 0xFEEE0000
mmap(0x00010000, 81920, PROT_NONE, 
MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MAP_ALIGN, -1, 0) = 0xFECE0000
mmap(0xFECE0000, 10017, PROT_READ|PROT_EXEC, 
MAP_PRIVATE|MAP_FIXED|MAP_TEXT, 5,0) = 0xFECE0000

-----

The LDAP server we are using is Sun Java Enterprise 6. I have compiled 
against the default Solaris 10 ldap libraries and OpenLDAP and get the 
same results.

Has anyone been able to get this to work in Solaris 10? Any pointers 
would be appreciated. krb5.conf attached.

Thanks,

Robert







This e-mail contains information some or all of which may be confidential, proprietary and/or legally privileged.  If an addressing or transmission error has misdirected this e-mail, please notify the sender by replying to this e-mail.  If you are not the intended recipient you must not use, disclose, distribute, copy, print or rely on this e-mail.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: krb5.conf
Url: http://mailman.mit.edu/pipermail/kerberos/attachments/20071106/143396ef/attachment.bat

More information about the Kerberos mailing list