[38138] in Kerberos
Re: upgrading kdc from 1.9 to 1.16, things to worry about?
daemon@ATHENA.MIT.EDU (Todd Grayson)
Mon Dec 11 19:12:47 2017
MIME-Version: 1.0
In-Reply-To: <CAOdMLc20XiO+iNuFMzitS5XU2xcZCGquTGZfRZqp5a-rES+dmg@mail.gmail.com>
From: Todd Grayson <tgrayson@cloudera.com>
Date: Mon, 11 Dec 2017 17:12:03 -0700
Message-ID: <CALNT6MXGbn=dW70UVkgWbZwORb4zhgF9QQLc_skiEm5PH58LUg@mail.gmail.com>
To: Chris Hecker <checker@d6.com>
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
What OS distro are you working over for the KDC hosts., the schema is no
longer present in current distro specific packaging for openLDAP (that I
can find).
On Mon, Dec 11, 2017 at 12:50 PM, Chris Hecker <checker@d6.com> wrote:
> Ok, moving this over to the main list...
>
> Anybody else have any thoughts on the update below?
>
> Thanks,
> Chris
>
>
> On Mon, Dec 11, 2017 at 11:11 Greg Hudson <ghudson@mit.edu> wrote:
>
> > kerberos@mit.edu is better for questions like this. Your plan seems
> > sound, with the proviso that I'm not an expert on OpenLDAP (or whatever
> > LDAP server you're using; 389ds also works with krb5, and likely
> > others). So if there are potential issues with updating the schema, I
> > wouldn't know about them. The new schema is indeed a superset of the
> > old one, with optional attributes added.
> >
> > On 12/09/2017 10:57 PM, Chris Hecker wrote:
> > > I need to update my kdc finally to get access to a couple new features,
> > and
> > > because duh.
> > >
> > > My KDC uses the LDAP backend.
> > >
> > > - I was not planning on updating slapd.
> > > - I was going to back up and everything, of course.
> > > - I assume I need to copy the latest kerberos.schema over. It looks
> like
> > > it's just a superset of the old one.
> > >
> > > Is there anything else I need to look out for you guys can think of
> when
> > > doing this update?
> > >
> > > I have some patches that add minor features I'll have to port once
> things
> > > are up and running smoothly, and I'll finally contribute them back like
> > > promised to this list and Greg 5 years ago. Oops.
> > >
> > > Chris
> > > _______________________________________________
> > > krbdev mailing list krbdev@mit.edu
> > > https://mailman.mit.edu/mailman/listinfo/krbdev
> > >
> >
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
--
Todd Grayson
Business Operations Manager
Customer Operations Engineering
Security SME
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
