[31363] in Kerberos
Re: Can I get more debug output from kadmin.local?
daemon@ATHENA.MIT.EDU (Chris)
Wed Aug 12 00:11:53 2009
Date: Wed, 12 Aug 2009 00:11:18 -0400
From: Chris <lists@deksai.com>
To: kerberos@mit.edu
Message-ID: <20090812041117.GA6387@chris-laptop.a2hosting.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20090812020150.GA5736@chris-laptop.a2hosting.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> I can bind to ldap using the stashed passwords just fine, and read/write
> what I'm supposed to in the container and subtrees.
>
> Is there any way to get some more output out of the program, just a
> little clue?
>
OK, as usual, this was really a stupid problem, and I figured it out
about the most painful way possible.
I had my dn's turned around, and was stashing the password for the kdc
instead of the admin service (it pays to not be blind to your bash
history).
I found my problem by tracing to here in
plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c around line 105:
if (entryfound == 0) {
st = KRB5_KDB_SERVER_INTERNAL_ERR;
krb5_set_error_message (context, st, "Bind DN entry missing in
stash file");
goto rp_exit;
}
As it turns out the source is full of all kinds of wonderful information
about what is going wrong, but none of it prints. Still have to figure
out why that isn't happening correctly...
Chris
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
