[Pdns-users] Fatal Error: Trying to set unknown parameter 'ldap-authmethod'

Nejedlo, Mark Mark.Nejedlo at tdstelecom.com
Fri Feb 19 01:02:10 UTC 2021 

If I'm reading the source correctly (questionable), it looks like it should be "ldap-bindmethod".

Mark

> -----Original Message-----
> From: Pdns-users <pdns-users-bounces at mailman.powerdns.com> On Behalf Of
> Dario García Díaz-Miguel via Pdns-users
> Sent: Thursday, February 18, 2021 8:18 AM
> To: pdns-users at mailman.powerdns.com
> Cc: skmf_support <skmf_support at gmv.com>
> Subject: [Pdns-users] Fatal Error: Trying to set unknown parameter
> 'ldap-authmethod'
> 
> Hi,
> 
> I've deployed today pdns for the first time and I found an issue I don't
> know how to solve, so I write over here to claim for some help.
> When I configure the ldap backend as shown below:
> 
> launch=ldap
> ldap-host=ldaps://example.example.com
> ldap-binddn=cn=Administrator,dc=gcc1,dc=kmf,dc=com
> ldap-secret=secret
> ldap-basedn=ou=Hosts,dc=example,dc=com
> ldap-method=strict
> 
> It works flawlessly.
> 
> But If I try to use gssapi according to the pdns documentation...
> launch=ldap
> ldap-host=ldaps://example.example.com
> ldap-authmethod=gssapi
> ldap-krb5-keytab=/etc/pdns.keytab
> ldap-basedn=ou=Hosts,dc=example,dc=com
> ldap-method=strict
> 
> I get the following error trying to start the service:
> 
>       Fatal Error: Trying to set unknown parameter 'ldap-authmethod'
> 
> According to the official Documentation:
> """ldap-authmethod
> (default: "simple") : How to authenticate to the LDAP server. Actually
> only two methods are supported: "simple", which uses the classical DN /
> password, or "gssapi", which requires a Kerberos keytab. """
> 
> The keytab exists and has pdns permissions for pdns user.
> The principal exists and is the only key stored on that keytab.
> 
> 
> 
> I've deployed the last SUSE 15 official repository version:
> 
> - pdns-4.3.1-bp152.2.5.1.x86_64.rpm
> - pdns-backend-ldap-4.3.1-bp152.2.5.1.x86_64.rpm
> - pdns-common-4.0-bp152.3.16.noarch.rpm
> 
> 
> It seems that this property does not exists for this pdns version, but I
> think that gssapi support was added for the 4.1 version which is
> previous than this.
> Some help would be really appreciated.
> 
> Thank you so much.
> Kind Regards.
> 
> 
> 
> P Please consider the environment before printing this e-mail.
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users

More information about the Pdns-users mailing list