Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) From: william.fiveash@sun.com Subject: SVN Commit X-RT-Original-Encoding: iso-8859-1 Content-Length: 705 When I ran kdb5_util dump I had two initial problems. First, the LDAP plugin was not finding the bind DN because open_db_and_mkey() was passing KRB5_KDB_SRV_TYPE_OTHER to krb5_db_open(). When I change this to KRB5_KDB_SRV_TYPE_ADMIN then the ldap_kadmind_dn parameter is used from krb5.conf and a valid bind DN is found. Second, krb5_ldap_iterate() will core dump when it is called withy a NULL match_expr arg. This is how dump_db calls krb5_db_iterate(). I updated krb5_ldap_iterate() to use a default_match_expr of "*" if match_expr == NULL. Commit By: wfiveash Revision: 18736 Changed Files: U trunk/src/kadmin/dbutil/kdb5_util.c U trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c