Use of kerberos in python samdb script
Andrew Bartlett
abartlet at samba.org
Mon May 13 21:18:00 MDT 2013
On Tue, 2013-05-14 at 12:42 +0930, William Brown wrote:
> On Sun, 12 May 2013 10:42:32 PM William Edward Brown wrote:
> > > > Any further ideas would be welcome.
> > >
> > > One more idea: please try to change
> > > sys.path.append('/usr/local/samba/lib64/python2.7/site-packages') into
> > > sys.path.insert(0,'/usr/local/samba/lib64/python2.7/site-packages')
> > > just in case you have samba packages of different origin around.
> > >
> > > Regards
> > >
> > > Geza Gemes
> >
> > No change. I changed my script to what you suggested, but also checked that
> > I only have a single instance of the python libraries anyway. I also
> > suspected that it may be due to the fact I have system ldb libraries
> > installed, so I added to my SamDB opening call.
> >
> > modules_dir='/usr/local/samba/lib/ldb'
>
> I may have solved this.
>
> My system is fedora, so when I login, i'm using a MIT ccache. Isn't this not
> supported? Additionally, the ticket cache is:
> Ticket cache: DIR::/run/user/2000/krb5cc/tkt8FKOCB
Most MIT ccache files are supported, but the DIR one isn't. A patch to
address this would address the biggest technical difficultly in mixing
Heimdal and MIT for different tasks.
> So, what's the best thing to do with this? Use the system ldb that is built
> against ldap and mit? Or is this unsupported.
It would have to be the Samba client code, not just ldb, but it should
work, for python scripts, because that's what Red Hat (who allowed MIT
to work at all with this code) did the work specifically to support.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list