issue with database_name parameter
Will Fiveash
William.Fiveash at sun.com
Thu May 11 15:46:35 EDT 2006
I've noticed that the latest MIT krb code with LDAP support appears to
ignore the database_name if it is located in a [realms] section entry in
the kdc.conf (kadmin.local issues an error stating the KDB does not
exist). If I place the database_name in a [dbmodules] section entry in
the krb5.conf then kadmin.local works. For example in kdc.conf I have:
[realms]
ACME.COM = {
profile = /usr/local/krb_ldap/etc/krb5.conf
database_name = /usr/local/krb_ldap/var/krb5kdc/principal
...
$ kadmin.local -q "addprinc -pw test123 willf/admin"
Authenticating as principal willf/admin at ACME.COM with password.
kadmin.local: No such file or directory while initializing kadmin.local interface
If I use the parameters below in krb5.conf then kadmin.local works:
[dbmodules]
db_module_dir = /usr/local/krb_ldap/lib/krb5/plugins/kdb
DB2 = {
db_module_dir = /usr/local/krb_ldap/lib/krb5/plugins/kdb
dbname = db2
database_name = /usr/local/krb_ldap/var/krb5kdc/principal
}
Thoughts?
--
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)
More information about the krbdev
mailing list