Setting up the KDC ldap backend
John Byrne
jhnbyrn at gmail.com
Tue Feb 5 15:30:47 EST 2019
Hi,
I'm trying to set up the KDC with the LDAP plugin. I've been using:
https://web.mit.edu/kerberos/krb5-latest/doc/admin/conf_ldap.html
and
https://web.mit.edu/kerberos/krb5-latest/doc/admin/advanced/ldapbackend.html#ldap-be-ubuntu
as references (I'm not using Ubuntu, I'm using CentOS 7 but most of the
info on the Ubuntu page above seems to be fairly generic).
When I run the command to create the database, it challenges me for a
password. I didn't set one up, and if I just hit enter, I get this:
$ sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com -H ldapi:/// create -s
Password for "cn=admin,dc=example,dc=com":
kdb5_ldap_util: Cannot allocate memory while retrieving ldap configuration
Now, I don't really know much about LDAP, so I could be missing something.
Do I have to create "cn=admin,dc=example,dc=com" as a user somehow before I
run this?
I've tried reading up on LDAP, but I haven't found anything that explains
what I need to do here. I'm looking for a shortcut to the quickest possible
setup - I don't really need LDAP except that I'm trying to test constrained
delegation in a web application, and apparently that only works with the
LDAP backend.
Can anyone explain what's the bare minimum I need to do to get this
working?
Thanks,
John
More information about the Kerberos
mailing list