directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Problem kadmin on ApacheDS
Date Fri, 06 Sep 2013 05:28:04 GMT
On Fri, Sep 6, 2013 at 10:25 AM, Christian Felsing <pug@felsing.net> wrote:

> Hello,
>
> what is the right way to set up necessary principals in ApacheDS?
> kadmin does not work until principals are available but kadmin is needed
> to set up them...
>
> kadmin protocol is not supported by ApacheDS, but here is what you can do
to
enable Kerberos in the server

1. enable the KeyDerivationInterceptor
     * goto the entry
ads-interceptorId=keyDerivationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
     * set ads-enabled to TRUE

2. go to the entry
ads-serverId=kerberosServer,ou=servers,ads-directoryServiceId=default,ou=config
    and change the value of ads-searchBaseDN according to your need

3. restart the server

4. inject the entries

Usability of ApacheDS suffers from lack of documentation. At least there
> should be instructions how to set up LDAP structure for Kerberos. I am
> sure that kadmin would work if all necessary LDAP entries would be
> available.
>
> ya, we know, all of our plates are full

> bets regards
> Christian
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message