From 8e7c26b37d16e9a98ac6b90e28cd4667d1bb405a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Fri, 1 Sep 2006 10:20:49 +0000
Subject: [PATCH] =?UTF-8?q?More=20text=20about=20the=20acl=5Ffile=20entry?=
 =?UTF-8?q?=20and=20hdb-ldap-structural-object.=20From=20R=C3=BCdiger=20Ra?=
 =?UTF-8?q?nft.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17960 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 doc/setup.texi | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/doc/setup.texi b/doc/setup.texi
index 179e4301f..466f6c642 100644
--- a/doc/setup.texi
+++ b/doc/setup.texi
@@ -932,18 +932,25 @@ schema definition syntax instead of the old UMich-style, V2 syntax.
 
 @item
 You should specify the distinguished name under which your
-principals will be stored in @file{krb5.conf}:
+principals will be stored in @file{krb5.conf}. Also you need to
+enter the path to the kadmin acl file:
+
 
 @example
 [kdc]
         database = @{
                 dbname = ldap:ou=KerberosPrincipals,dc=example,dc=com
+                hdb-ldap-structural-object = inetOrgPerson
+                acl_file = /path/to/kadmind.acl
                 mkey_file = /path/to/mkey
         @}
 @end example
 
 @samp{mkey_file} can be excluded if you feel that you trust your ldap
-directory to have the raw keys inside it.
+directory to have the raw keys inside it.  The
+hdb-ldap-structural-object is not necessary if you do not need Samba
+comatibility.
+
 
 
 @item