Can I get more debug output from kadmin.local?
Chris
lists at deksai.com
Wed Aug 12 00:11:18 EDT 2009
> I can bind to ldap using the stashed passwords just fine, and read/write
> what I'm supposed to in the container and subtrees.
>
> Is there any way to get some more output out of the program, just a
> little clue?
>
OK, as usual, this was really a stupid problem, and I figured it out
about the most painful way possible.
I had my dn's turned around, and was stashing the password for the kdc
instead of the admin service (it pays to not be blind to your bash
history).
I found my problem by tracing to here in
plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c around line 105:
if (entryfound == 0) {
st = KRB5_KDB_SERVER_INTERNAL_ERR;
krb5_set_error_message (context, st, "Bind DN entry missing in
stash file");
goto rp_exit;
}
As it turns out the source is full of all kinds of wonderful information
about what is going wrong, but none of it prints. Still have to figure
out why that isn't happening correctly...
Chris
More information about the Kerberos
mailing list