Changes for page KerberosAndLDAP
Last modified by Sirius Rayner-Karlsson on 2024/05/09 10:54
From version 13.1
edited by Sirius Rayner-Karlsson
on 2024/05/01 17:11
on 2024/05/01 17:11
Change comment:
There is no comment for this version
To version 4.1
edited by Sirius Rayner-Karlsson
on 2024/05/01 05:07
on 2024/05/01 05:07
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -4,19 +4,30 @@ 4 4 5 5 First, install the packages containing the LDAP-enabled Kerberos servers ([[krb5-kdc-ldap>>url:https://packages.debian.org/krb5-kdc-ldap]] and [[krb5-admin-server>>url:https://packages.debian.org/krb5-admin-server]]) and the [[schema2ldif>>url:https://packages.debian.org/schema2ldif]] tool: 6 6 7 - ##{{{$ sudo apt install krb5-kdc-ldap krb5-admin-server schema2ldif}}}##7 +~{~{~{ 8 8 9 +$ sudo apt install krb5-kdc-ldap krb5-admin-server schema2ldif 9 9 11 +}}} 12 + 13 + 10 10 Then load the ##kerberos## schema: 11 11 12 - ##{{{$ zcat /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz | ldapadd -H ldap:~/~/nas.fqdn/ -D uid=root,cn=users,dc=example,dc=com Password: adding new entry "cn=kerberos,cn=schema,cn=config" $}}}##16 +~{~{~{ 13 13 18 +$ zcat /usr/share/doc/krb5-kdc-ldap/kerberos.openldap.ldif.gz | ldapadd -H ldap:~/~/nas.fqdn/ -D uid=root,cn=users,dc=example,dc=com 14 14 20 +adding new entry "cn=kerberos,cn=schema,cn=config" 15 15 22 +}}} 23 + 24 + 16 16 And add an index on the ##krbPrincipalName## (improves performance and also suppresses some log messages if ##slapd## is configured to log more than default) for the database(s) where you intend to store Kerberos data: 17 17 18 -{{ {# ldapmodify -H ldap:~/~/nas.fqhn <<EOF27 +~{~{~{ 19 19 29 +# ldapmodify -H ldap:~/~/nas.fqhn <<EOF 30 + 20 20 dn: olcDatabase={1}bdb,cn=config 21 21 22 22 add: olcDbIndex