John Robert Mendoza wrote:
Thanks for the reply Rob.I did manage to solve the error by changing the permissions on the ds.keytab file.I can finally do ldapsearch with gssapi. BTW, I was just wondering, would there be any way i can make ldap as the database for the kerberos principals.Isn't it that when get a ticket from kerberos it supposed to look into ldap for its principals?
Yes, MIT kerberos has an LDAP backend that you can use. You might want to look into the IPA project at http://www.freeipa.org/ This is exactly what it does (among other things). It might give you some pointers how to configure things at a minimum.
rob
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
