kdb5_ldap_util create fails
Greg Hudson
ghudson at MIT.EDU
Sun Mar 9 12:51:17 EDT 2014
On 03/09/2014 08:20 AM, Tobias Hachmer wrote:
> If I create the first kerberos container manually [...] the
> kdb5_ldap_util from krb 1.12.1 exit with the error that the object
> has no cn like defined in schema for the krbContainer object.
> But the kdb5_ldap_util from krb 1.10.1 (debian tst machine) just
> leaves the first object as it is and initializes the kerberos
> backend in ldap:
Ah, yes. As a result of some cleanup work, 1.12 always tries to
create the krbContainer object (tolerating an LDAP_ALREADY_EXISTS
error) while previous versions only create it if it can't be read. I
wouldn't describe either behavior as a bug; they just have different
results in this corner case.
More information about the Kerberos
mailing list