issue regarding policy record storing and LDAP plugin

Will Fiveash William.Fiveash at Sun.COM
Mon Sep 25 22:12:42 EDT 2006

I'm seeing a LDAP_INVALID_DN_SYNTAX error being returned from
ldap_add_s() when called from krb5_ldap_create_password_policy().  The
problem is that the process_k5beta7_policy() called during a kdb5_util
load creates a policy record with a name that is not a DN and later in
krb5_ldap_create_password_policy() there is:

if ((st=ldap_add_s(ld, policy->name, mods)) != LDAP_SUCCESS) {

hence the LDAP_INVALID_DN_SYNTAX.  How is this supposed to work?  Is
policy->name supposed to be set to a DN somewhere?

Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)

More information about the krbdev mailing list