Question re: {KERBEROS} syntax

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

It happens to all of us...

I am still having a couple of issues though (for everyone else listening :)

I changed pamMapMethod to Entry
I then set pamIDAttr to aliasedObjectName (out of laziness for now)

When I start the slapd with this, I get this..

pam_passthru-plugin - Warning: The following suffixes listed in
pamExcludeSuffix or pamIncludeSuffix are not present in this server:
o=NetscapeRoot

But, the admin server will still start just fine..

Regardless, the system does not appear to try to use the aliasedobjectname
for the user to pass to pam.. (I have KRBPRINC at REALM.COM in
aliasedobjectname)..

Any ideas?

Tom

Ps.. If I leave it as RDN, I get no error on startup about suffix and as
long as my bind dn matches my krb princ in the default realm, it works.. So
I?m halfway there?



On 7/26/06 9:18 AM, "Paul Engle" <pengle at rice.edu> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> *Blush*  Okay, that's just plain embarrassing. That ended up being caused
> by having the 'auth' part in the pam configuratoin but no 'account' line
> for pam_krb5.so.
> 
>   -paul
> 
> - --On Tuesday, July 25, 2006 05:49:51 PM -0400 Tom Ryan
> <tomryan at camlaw.rutgers.edu> wrote:
> 
>> >
>> >
>> >
>> > On 7/25/06 5:47 PM, "Paul Engle" <pengle at rice.edu> wrote:
>> >
>> >
>> >
>> > I'm not familiar with that message. I don't recall having any issues. I
>> > wasn't trying do add it to a live server, though. I was working on a
>> > development machine and was able to yank the DS up and down with impunity.
>> >
>> >
>> > In this message,
>> >
>> > http://www.redhat.com/archives/fedora-directory-users/2006-May/msg00081.h
>> > tml
>> >
>> > You noted you had the same error (reset required) when simple binding at
>> > first..
>> >
>> > Tom
> 
> 
> 
> - --
> Paul D. Engle                | Rice University
> Sr. Systems Administrator    | Information Technology - MS119
> (713) 348-4702               | P.O. Box 1892
> pengle at rice.edu              | Houston, TX 77251-1892
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (GNU/Linux)
> 
> iD8DBQFEx2vHCpkISWtyHNsRAkdYAKD9mCDZCSGoG+PDcteXOttgyBZYywCfXjmM
> g1p3GL9gbu4Ja5M880MwZX0=
> =JFVj
> -----END PGP SIGNATURE-----
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20060726/6ed716f3/attachment.html
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux