[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Problem with SASL and GSSAPI
There was a thread started by Jean-Eric Cuendet back in March with
this subject that ended without complete resolution and was started by
this message:
http://www.openldap.org/lists/openldap-software/200103/msg00344.html
I have found myself with a similar scenario (Permission denied in
gss_acquire_cred) and I have found it happens when slapd runs as non
root. Current OpenLDAP packages by RedHat do this.
The workaround consists in using a different keytab owned by the user
slapd runs as.
I have sketched the whole method at:
http://www.openldap.org/faq/data/cache/630.html
This answer comes a little late, but search engines did not return
easily pointers to the needed answer, that is learning about the
KRB5_KTNAME environment varibale. As a matter of fact, the answer
most likely to be found is that there is no solution.
Julio