directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "CORUM, M E [AG/1000]" <m.e.co...@monsanto.com>
Subject RE: ApacheDS 1.5.0 - Multiple Kerberos KDCs Possible?
Date Mon, 30 Apr 2007 13:36:39 GMT
Alex,

I'm on 1.5.0.  I assume you mean something after 1.5?

MikeC

-----Original Message-----
From: akarasulu@gmail.com [mailto:akarasulu@gmail.com] On Behalf Of Alex
Karasulu
Sent: Monday, April 30, 2007 4:32 AM
To: users@directory.apache.org
Subject: Re: ApacheDS 1.5.0 - Multiple Kerberos KDCs Possible?

Mike,

I don't think this is possible.  Enrique is presently working on adding
the
ability to support
multiple realms however I think this will appear in the 1.5 branch
rather
than the 1.0 branch.
For an update and some time frame I think we can ask Enrique about it.

Regards,
Alex

On 4/29/07, CORUM, M E [AG/1000] <m.e.corum@monsanto.com> wrote:
>
> I have Kerberos working with ApacheDS 1.5.0 nicely and now I need to
> simulate multiple environments if possible.  Is it possible to have a
> separate domain in a separate partition that has its own separate
> Kerberos KDC?  I tried doing this by just creating a new partition and
> setting up its structure and then adding the entries for the Kerberos
> stuff (hostldap, krbtgt, etc...) with a new ldif file into this new
> partition.  Everything loaded up fine and I can see it all with
> JXplorer.  However, I'm not sure how I would set the kdc.entryBaseDn
in
> the server.xml.  If I have two entries, neither KDC works.  If I have
> the original entry that worked before, it continues to work.  If I
have
> only the new entry, it does NOT work.  Therefore, I'm wondering if
there
> is a limitation where you can only have one KDC and it can "only" be
the
> first one that you set up.  I'm hoping to have a KDC to service each
> domain/partition if possible.
>
> MikeC
>
>
>
>
------------------------------------------------------------------------
---------------------------------
> This e-mail message may contain privileged and/or confidential
> information, and is intended to be received only by persons entitled
to
> receive such information. If you have received this e-mail in error,
please
> notify the sender immediately. Please delete it and all attachments
from any
> servers, hard drives or any other media. Other use of this e-mail by
you is
> strictly prohibited.
>
>
> All e-mails and attachments sent and received are subject to
monitoring,
> reading and archival by Monsanto. The recipient of this e-mail is
solely
> responsible for checking for the presence of "Viruses" or other
"Malware".
> Monsanto accepts no liability for any damage caused by any such code
> transmitted by or accompanying this e-mail or any attachment.
>
>
------------------------------------------------------------------------
---------------------------------
>
>

---------------------------------------------------------------------------------------------------------
This e-mail message may contain privileged and/or confidential information, and is intended
to be received only by persons entitled to receive such information. If you have received
this e-mail in error, please notify the sender immediately. Please delete it and all attachments
from any servers, hard drives or any other media. Other use of this e-mail by you is strictly
prohibited.


All e-mails and attachments sent and received are subject to monitoring, reading and archival
by Monsanto. The recipient of this e-mail is solely responsible for checking for the presence
of "Viruses" or other "Malware". Monsanto accepts no liability for any damage caused by any
such code transmitted by or accompanying this e-mail or any attachment.
---------------------------------------------------------------------------------------------------------


Mime
View raw message