[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: how to specify a different keytab file?
Em Fri, Apr 05, 2002 at 08:51:23AM -0500, Frank Swasey escreveu:
> On Apr 4 at 3:44pm, Andreas Hasenack wrote:
>
> > With openldap-2.0.22, how can I specify a different keytab file
> > for the slapd daemon, instead of the /etc/krb5.keytab one?
>
> On RedHat Linux, add the following line to /etc/sysconfig/ldap
>
> export KRB5_KTNAME="FILE:_path_to_your_file"
>
> And make sure the file is owned by the user you are going to run slapd
> as...
Thanks, I did that, and also checked the permissions, but I keep
getting another error then...:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Unknown error
additional info: GSSAPI: gss_acquire_cred: Miscellaneous failure; Permission denied in
replay cache code;
If I run slapd as root, then it works. There seems to be something else the slapd daemon
needs to have access to besides the keytab file and I can't figure out what
it is.