[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: GSSAPI error
On Mon, 2002-07-22 at 02:04, Hans Aschauer wrote:
> On Samstag, 20. Juli 2002 22:55, Stephen Torri wrote:
> > I am having a problem with GSSAPI. The search I am trying to do is to
> > report back the support SASL mechanisms to test the secure ldap:
> >
> >
> > ldapsearch -H ldap://alpha.torri.linux/ -I -b "" -s base -LLL
> > supportedMechanisms
> >
> > SASL/GSSAPI Authentication started
> > SASL Interaction
> > Please enter your authorization name: torri
> > ldap_sasl_interactive_bind_s: Unknown error
> > additional info: GSSAPI: gss_input_name: ; ;
> >
> >
> > I do not understand the error. I am trying to learn openldap and
> > kerberos. I am following a HOWTO that is written for Debian but I
> > have managed to understand it and set up RedHat 7.2 on an Alpha CPU
> > system.
>
>
> Are you shure that you have a valid kerberos TGT, i.e. did you say
> 'kinit' or log in via klogin? You can check that by 'klist'.
>
> For the authorization name, it is usually enough to press enter (at
> least, as long as you didn't set up your directory accordingly). As
> soon as you have a TGT, gssapi knows 'who' you are, and it knows your
> credentials.
>
> A third thing: the attribute is called 'supportedSASLMechanisms'
> (instead of 'supportedMechanisms').
>
> If you do not yet have a working Kerberos environment, you could issue
>
> ldapsearch -x -H ldap://alpha.torri.linux/ -b "" -s base -LLL \
> supportedSASLMechanisms
>
> (note the change from -I to -x, which will do an anonymous simple bind)
>
> Hope that helps,
>
> Hans
Thanks very much for responding. I do not have time right now to mess
with this machine but when I do I will report back to this list and
yourself the result of my efforts.
Stephen