17.12.2021 17:34, Stefan Kania wrote:
Hello to all,
I'm trying to get GSSAPI authentication running with the symas-packages. I generated a ldap.keytab file and it's readable by the ldap-user running the slapd. With the Debian-packages I add:
export KRB5_KTNAME="/path/to/ldap.keytab"
I don't want to use the system keytab /etc/krb5.keytab. How do I tell slapd from the symas-packages to use my service-keytab?
I tried to add to my /etc/default/symas-openldap:
KRB5_KTNAME="/path/to/ldap.keytab
but it's not working.
Stefan
Hello. First of all you should determine if the ENV "KRB5_KTNAME" is used by the running process. Try this to extract all of the ENVs:
strings -a /proc/<pid_of_the_process_ldap>/environ
If you can't see KRB5_KTNAME, you can try to add
export KRB5_KTNAME="/path/to/ldap.keytab"
to the startup script.
If you see KRB5_KTNAME, that means symas-openldap doesn't use KRB5_KTNAME.
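
The check described in the reply above, as an added example that is not part of the original thread: it reads a process's NUL-separated environ file, extracts KRB5_KTNAME, and tests whether the keytab it names is readable. The function names are hypothetical, and it assumes a Linux /proc and a file-based keytab (optionally written with the FILE: prefix).

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
# /proc/<pid>/environ holds the environment the process was started with,
# as NUL-separated NAME=value records.

# env_from_file FILE NAME: print the value of NAME from an environ file.
# Returns 1 if NAME is not present. Values containing newlines are not handled.
env_from_file() {
    tr '\0' '\n' < "$1" | awk -v name="$2" '
        index($0, name "=") == 1 {      # exact NAME= match at start of record
            print substr($0, length(name) + 2); found = 1; exit
        }
        END { exit (found ? 0 : 1) }'
}

# check_ktname ENVIRON_FILE: report whether KRB5_KTNAME is set for the process
# and whether the keytab is readable by the user running this check.
# Run it as the user slapd runs as, so the readability result is meaningful.
# Return codes: 0 ok, 1 variable not set, 2 environ unreadable, 3 keytab unreadable.
check_ktname() {
    if [ ! -r "$1" ]; then
        echo "cannot read $1 (run as root or as the process owner)"
        return 2
    fi
    if kt=$(env_from_file "$1" KRB5_KTNAME); then
        path=${kt#FILE:}                # strip the optional FILE: type prefix
        if [ -r "$path" ]; then
            echo "KRB5_KTNAME=$kt (keytab readable)"
        else
            echo "KRB5_KTNAME=$kt (keytab missing or not readable by $(id -un))"
            return 3
        fi
    else
        echo "KRB5_KTNAME is not set in the process environment"
        return 1
    fi
}

# Usage: check_ktname /proc/<pid_of_the_process_ldap>/environ
```

A return code of 1 corresponds to the first case in the reply (the variable never reached slapd), while 0 corresponds to the second (the variable is set and the keytab is readable, so the cause lies elsewhere).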