http://bugzilla.novell.com/show_bug.cgi?id=619549
http://bugzilla.novell.com/show_bug.cgi?id=619549#c3
--- Comment #3 from Ralf Haferkamp 2010-07-06 11:50:03 CEST ---
Hm the correct fix would probably be to write the correct settings to
/etc/openldap/ldap.conf from the ldap-server module (The ldap-server module
writes /etc/openldap/ldap.conf when using the UI wizward) . However I ran into
a bit of a problem with that.
1. If I write /etc/openldap/ldap.conf using the etc.ldap_conf agent, even with
flushing the caches Write(.src.ldap_conf, "force"), the kerberos-server module
seems to ignore the values. I don't know exactly what it does but it just seems
to be using the ldap-client/ldap modules.
2. The ldap-server module writes "host localhost" to the
/etc/openldap/ldap.conf, but during the run of kerberos-server this is somehow
changed to "host 127.0.0.1" which will break the certificate verification of
libldap. Only when "localhost" is used libldap will try to figure out the real
hostname for certificate verification. I have no idea where this change from
localhost to "127.0.0.1" happens, it might be ldap-client or kerberos-server.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.