Building / using the HDBBridge Plugin
Andrew Hamilton
ahamilto at tjhsst.edu
Fri Jan 15 11:03:10 EST 2016
Hello - I am trying to migrate from a Heimdal Kerberos setup to MIT and
found the HDBBridge project but have not been able to get it to work
successfully.
I have already installed heimdal 1.5.3 into /usr/local/heimdal/; I then
downloaded and built MIT Kerberos version 1.13.3, however, it did not
attempt to build the hdb plugin and I could not find a configuration
option to enable it.
With some Makefile manipulation, I was able to get it to build the hdb
plugin and load it, however, at that point, attempting to launch krb5kdc
or kdb5_util resulted in a "cannot initialize realm" error. strace
revealed that while the hdb plugin was being loaded and the utilities
were attempting to access the master key file, no attempt was ever made
to locate or open the heimdal.db file (heimdal_dbname was set in
krb.conf). I am not certain if this is due to something being
missed/left out when I built the plugin or due to something else.
*krb5.conf snipppet*
[realms]
EXAMPLE.COM = {
kdc = server.example.com
admin_server = server.example.com
database_module = HDB
}
[dbmodules]
HDB = {
db_library = hdb
heimdal_libdir = /usr/local/heimdal/lib
heimdal_dbname = /var/lib/krb5kdc/heimdal.db
}
Thank you,
--
Andrew Hamilton
Network / Systems Administrator
Thomas Jefferson High School
For Science and Technology
More information about the Kerberos
mailing list