Setting up the KDC ldap backend

John Byrne jhnbyrn at
Tue Feb 5 15:30:47 EST 2019


I'm trying to set up the KDC with the LDAP plugin. I've been using:

as references (I'm not using Ubuntu, I'm using CentOS 7 but most of the
info on the Ubuntu page above seems to be fairly generic).

When I run the command to create the database, it challenges me for a
password. I didn't set one up, and if I just hit enter, I get this:

$ sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com -H ldapi:/// create -s
Password for "cn=admin,dc=example,dc=com":
kdb5_ldap_util: Cannot allocate memory while retrieving ldap configuration

Now, I don't really know much about LDAP, so I could be missing something.
Do I have to create "cn=admin,dc=example,dc=com" as a user somehow before I
run this?

I've tried reading up on LDAP, but I haven't found anything that explains
what I need to do here. I'm looking for a shortcut to the quickest possible
setup - I don't really need LDAP except that I'm trying to test constrained
delegation in a web application, and apparently that only works with the
LDAP backend.

Can anyone explain what's the bare minimum I need to do to get this


More information about the Kerberos mailing list