directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David R Robison <drrobi...@openroadsconsulting.com>
Subject Re: Problems setting up ApacheDS 1.5.4 as a Kerberos Server
Date Mon, 23 Feb 2009 16:21:16 GMT
I have. I also tried to give the kdcServer an Id and reference it in the 
apacheDS element:

  <kdcServer id="kdcServer">
    <tcpTransport>
      <tcpTransport port="88" nbThreads="4" backLog="50"/>
    </tcpTransport>
    <udpTransport>
      <udpTransport port="88" nbThreads="4" backLog="50"/>
    </udpTransport>
    <directoryService>#directoryService</directoryService>
  </kdcServer>
...
  <apacheDS id="apacheDS"
            synchPeriodMillis="15000"
            allowAnonymousAccess="false">

    <directoryService>#directoryService</directoryService>
    <ldapService>#ldapService</ldapService>
    <ldapsService>#ldapsService</ldapsService>
    <kdcServer>#kdcServer</kdcServer>
       
    <!-- We load the orci root context entry here -->
    <ldifDirectory>../instances/default/conf/orciRoot.ldif</ldifDirectory>
  </apacheDS>

but then it complains that the kdcServer is not a valid property of the 
apacheDS element. My guess is that the kdcServer needs to be references 
somewhere else, but I'm not sure where. David

Emmanuel Lecharny wrote:
> On Mon, Feb 23, 2009 at 5:11 PM, David R Robison
> <drrobison@openroadsconsulting.com> wrote:
>   
>> I copied the following files to the lib directory of the DS install and
>> restarted the server.
>> bcprov-ext-jdk16-141.jar
>> bcprov-jdk16-141.jar
>> Things seem to run OK, but the Kerberos server still does not seem to want
>> to start up. Here is the log.
>>     
>
> Have you uncommented the kerberos part in the server.xml file ?
>
>   <!--
>   +============================================================+
>   | Kerberos server configuration                              |
>   +============================================================+
>   -->
>   <!--  missing atou=users,dc=example,dc=com
> <--------------------- here, remove the starting comment
>   <kdcServer>
>     <tcpTransport>
>       <tcpTransport port="60088" nbThreads="4" backLog="50"/>
>     </tcpTransport>
>     <udpTransport>
>       <udpTransport port="60088" nbThreads="4" backLog="50"/>
>     </udpTransport>
>     <directoryService>#directoryService</directoryService>
>   </kdcServer>
> -->
>
> I must tell you that the Kerberos server is really in an hazardous
> state, atm. It _may_ work, but there are no guarantee :/
>
>   

-- 

David R Robison
Open Roads Consulting, Inc.
103 Watson Road, Chesapeake, VA 23320
phone: (757) 546-3401
e-mail: drrobison@openroadsconsulting.com
web: http://openroadsconsulting.com
blog: http://therobe.blogspot.com
book: http://www.xulonpress.com/book_detail.php?id=2579

This e-mail communication (including any attachments) may contain confidential and/or privileged
material intended solely for the individual or entity to which it is addressed.  If you are
not the intended recipient, you should immediately stop reading this message and delete it
from all computers that it resides on. Any unauthorized reading, distribution, copying or
other use of this communication (or its attachments) is strictly prohibited.  If you have
received this communication in error, please notify us immediately.  



 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message