Kerberos+LDAP: kadmin.local and kadmin show different principals
Nick Triantos
nick at triantos.com
Thu Jan 13 12:20:55 EST 2011
Thank you so much! That was exactly the problem... I must not have restarted kadmind.
best,
-Nick
On Jan 12, 2011, at 9:42 PM, Greg Hudson wrote:
> On Thu, 2011-01-13 at 00:18 -0500, Nick Triantos wrote:
>> Does kadmin expect different parameters to be set in krb5.conf than
>> kadmin.local would? The man page implies the two behave very
>> similarly.
>
> Is there any possibility that the second search tree was added to
> krb5.conf since kadmind was last started? Put another way, if you
> restart kadmind, does the problem go away?
>
> If that's not it, then it's possible that there's a bug here, but I
> can't imagine off the top of my head what it would look like. There are
> three layers of common libraries between kadmind/kadmin.local and the
> accesses to the LDAP server, and it would be odd for both tools to
> succeed but interpret the same profile settings differently.
>
>
More information about the Kerberos
mailing list