[37548] in Kerberos
Re: ldap database error when creating initial stash
daemon@ATHENA.MIT.EDU (Michael Aldridge)
Thu Jun 30 02:48:43 2016
To: undisclosed-recipients:;
CC: "kerberos@MIT.EDU" <kerberos@mit.edu>
From: Michael Aldridge <michael.aldridge@utdallas.edu>
Message-ID: <85e441e4-fe87-3ef8-bd9b-f99549b3c077@utdallas.edu>
Date: Thu, 30 Jun 2016 01:48:11 -0500
MIME-Version: 1.0
In-Reply-To: <CALNT6MWVFnU1eyJOT=Hfy3xhLR5QZcL0STERmjXATiJfWJy-Sw@mail.gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
While I have not done an in depth comparison, my schema would appear to
just be a re-formatted version of the schema provided in the source
tree. I believe I originally obtained it from an ubuntu release
slightly more than a year ago. What is striking here is that this all
worked less than a month ago on my test platform.
For the curious, here is the schema I'm using:
https://raw.githubusercontent.com/collegiumv/cv_config/master/roles/slapd/files/cn%3D%7B4%7Dkerberos.ldif
--Michael
On 06/30/2016 01:25 AM, Todd Grayson wrote:
> Got schema issues? Perhaps?
>
> http://blog.gmane.org/gmane.comp.encryption.kerberos.bugs/month=20131201
>
> Magic google phrase:
>
> openldap kerberos schema "Unable to find requested database type"
>
> On Thu, Jun 30, 2016 at 12:18 AM, Michael Aldridge
> <michael.aldridge@utdallas.edu <mailto:michael.aldridge@utdallas.edu>>
> wrote:
>
> Greetings,
>
> I hope I am emailing the correct list and if I am not then please accept
> my apology. I am in the process of standing up a pair of KDCs and I am
> encountering this error when attempting to create the initial password
> stash for accessing the ldap server that backs the kerberos database:
>
> kdb5_ldap_util: Unable to find requested database type while setting up
> lib handle
>
> The command I ran to get that error message is:
>
> sudo kdb5_ldap_util -D "cn=krbAdmService,dc=collegiumv,dc=org"
> stashsrvpw -f /var/krb5kdc/ldap.keyfile
> "cn=krbAdmService,dc=collegiumv,dc=org"
>
> I have used my best google-fu but still come up empty. I can see
> several people who seem to have had the same issue, but I cannot find a
> solution. I appreciate any insight to this error.
>
> --Michael
>
> --
> Michael Aldridge
> Network Administrator
> Collegium V Honors College
> The University of Texas at Dallas
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> <mailto:Kerberos@mit.edu>
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
>
>
> --
> Todd Grayson
> Business Operations Manager
> Customer Operations Engineering
> Security SME
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
