Has anyone gotten the LDAP backend for Heimdal to work? I've recompiled Heimdal with ldap backend support, and I have LDAP all set up, but no matter what I do, when I run kadmin to init the realm, I get this:
[arew264@Reno src]$ sudo kadmin -l
kadmin> init LINUXLAB.FHS
kadmin: hdb_open: ldap_sasl_bind_s: Can't contact LDAP server
From what I've read, Heimdal connects to LDAP through the unix socket that LDAP creates when you start it with the option "-h ldapi://", but if I start it with this option, it crashes with a file not found error. I think it's trying to create a socket in the directory where it was built because it outputs this:
[arew264@Reno slapd]$ sudo /usr/sbin/slapd -h ldapi:// -f /etc/openldap/slapd.conf -d 1023
@(#) $OpenLDAP: slapd 2.3.40 (Jan 17 2008 23:58:45) $
nobody@tygra:/build/src/openldap-2.3.40/servers/slapd
daemon_init: ldapi://
daemon_init: listen on ldapi://
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldapi://)
daemon: bind(7) failed errno=2 (No such file or directory)
slap_open_listener: failed on ldapi://
slapd stopped.
connections_destroy: nothing to destroy.
[arew264@Reno slapd]$
That nobody@tygra line... that must be from the package maintainer's computer because, as you can see, my box is named Reno.
I answered my own question. Appending LDAPI:// to the server list tells OpenLDAP to create a unix socket at... /var/lib/openldap/run/ldapi. Apparently it's a strange side effect of the configure options that TomK used.
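An added example, not part of the original posts: a bare ldapi:// makes slapd use its compiled-in socket path, so this sketch builds an explicit ldapi:// URL (the socket path percent-encoded as the host part) and checks the socket's parent directory for the errno=2 condition seen in the log. The helper names are hypothetical; the default path is the one reported in the thread.

```shell
#!/bin/sh
# Added example; ldapi_url and check_ldapi_dir are hypothetical helper names.

# Percent-encode a socket path (ASCII assumed) into an ldapi:// URL.
ldapi_url() {
    path=$1
    encoded=
    while [ -n "$path" ]; do
        rest=${path#?}            # everything after the first character
        ch=${path%"$rest"}        # the first character itself
        case $ch in
            [A-Za-z0-9._~-]) encoded=$encoded$ch ;;
            *) encoded=$encoded$(printf '%%%02X' "'$ch") ;;
        esac
        path=$rest
    done
    printf 'ldapi://%s\n' "$encoded"
}

# Check the directory slapd must bind() the socket in.
# Returns 0 if usable, 2 if the directory is missing (the errno=2 case),
# 1 if it exists but the current user cannot write to it.
check_ldapi_dir() {
    dir=$(dirname "$1")
    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir (bind would fail with errno=2)" >&2
        return 2
    fi
    if [ ! -w "$dir" ]; then
        echo "directory not writable by $(id -un): $dir" >&2
        return 1
    fi
    return 0
}

# Socket path reported in the thread; pass another path as $1 to override.
sock=${1:-/var/lib/openldap/run/ldapi}
check_ldapi_dir "$sock" || echo "fix the directory before starting slapd" >&2
echo "slapd -h $(ldapi_url "$sock") -f /etc/openldap/slapd.conf"
```

Anyone who can open the socket can attempt a bind over it, so the parent directory's ownership and mode are worth checking along with its existence.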