ldap database error when creating initial stash

Michael Aldridge michael.aldridge at utdallas.edu
Thu Jun 30 02:48:11 EDT 2016


While I have not done an in depth comparison, my schema would appear to
just be a re-formatted version of the schema provided in the source
tree.  I believe I originally obtained it from an ubuntu release
slightly more than a year ago.  What is striking here is that this all
worked less than a month ago on my test platform.

For the curious, here is the schema I'm using:
https://raw.githubusercontent.com/collegiumv/cv_config/master/roles/slapd/files/cn%3D%7B4%7Dkerberos.ldif

--Michael

On 06/30/2016 01:25 AM, Todd Grayson wrote:
> Got schema issues?  Perhaps?
> 
> http://blog.gmane.org/gmane.comp.encryption.kerberos.bugs/month=20131201
> 
> Magic google phrase:
> 
> openldap kerberos schema "Unable to find requested database type"
> 
> On Thu, Jun 30, 2016 at 12:18 AM, Michael Aldridge
> <michael.aldridge at utdallas.edu <mailto:michael.aldridge at utdallas.edu>>
> wrote:
> 
>     Greetings,
> 
>     I hope I am emailing the correct list and if I am not then please accept
>     my apology.  I am in the process of standing up a pair of KDCs and I am
>     encountering this error when attempting to create the initial password
>     stash for accessing the ldap server that backs the kerberos database:
> 
>     kdb5_ldap_util: Unable to find requested database type while setting up
>     lib handle
> 
>     The command I ran to get that error message is:
> 
>     sudo kdb5_ldap_util -D "cn=krbAdmService,dc=collegiumv,dc=org"
>     stashsrvpw -f /var/krb5kdc/ldap.keyfile
>     "cn=krbAdmService,dc=collegiumv,dc=org"
> 
>     I have used my best google-fu but still come up empty.  I can see
>     several people who seem to have had the same issue, but I cannot find a
>     solution.  I appreciate any insight to this error.
> 
>     --Michael
> 
>     --
>     Michael Aldridge
>     Network Administrator
>     Collegium V Honors College
>     The University of Texas at Dallas
>     ________________________________________________
>     Kerberos mailing list           Kerberos at mit.edu
>     <mailto:Kerberos at mit.edu>
>     https://mailman.mit.edu/mailman/listinfo/kerberos
> 
> 
> 
> 
> -- 
> Todd Grayson
> Business Operations Manager
> Customer Operations Engineering
> Security SME
> 


More information about the Kerberos mailing list