Lars Hanke <[email protected]> writes: > I guess the first two entries are the reason, why the autostart > fails. After a short look to /etc/rc3.d this is clear: S18krb5-kdc, > S19slapd (same problems would arise with bind9 and LDAP backend). Is this > something to report to the LDAP maintainers?
The problem is that this is a catch-22. Putting your KDC in LDAP is an unusual case (at least currently). In that case, you want LDAP to start first. The much more common case is that LDAP uses Kerberos authentication. In that case, you want to start the KDC first. There's no good ordering that works for all cases. What probably should happen is that krb5kdc should keep retrying the LDAP server for a while rather than giving up and exiting. (I personally have no idea on the krb524d problems, unfortunately.) -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
