[35846] in Kerberos
Re: kdb5_ldap_util create fails
daemon@ATHENA.MIT.EDU (Greg Hudson)
Sun Mar 9 12:51:32 2014
Message-ID: <531C9C05.3000005@mit.edu>
Date: Sun, 09 Mar 2014 12:51:17 -0400
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: Tobias Hachmer <tobias@hachmer.de>
In-Reply-To: <12676738.ViL7FpQ3DS@tobias-pc>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 03/09/2014 08:20 AM, Tobias Hachmer wrote:
> If I create the first kerberos container manually [...] the
> kdb5_ldap_util from krb 1.12.1 exit with the error that the object
> has no cn like defined in schema for the krbContainer object.
> But the kdb5_ldap_util from krb 1.10.1 (debian tst machine) just
> leaves the first object as it is and initializes the kerberos
> backend in ldap:
Ah, yes. As a result of some cleanup work, 1.12 always tries to
create the krbContainer object (tolerating an LDAP_ALREADY_EXISTS
error) while previous versions only create it if it can't be read. I
wouldn't describe either behavior as a bug; they just have different
results in this corner case.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
