[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL/GSSAPI auth stops working after slapd restart




Hi, folks

I managed to set-up a working openldap+Kerberos+SASL/GSSAPI configuration that allows me to use SASL/GSSAPI authentication for ldap searches. That is, everything works fine after REBOOT of the server, but SASAL/GSSAPI breaks whenever the slapd is restarted. Here is the error message I get:

$ ldapwhoami
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
        additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (Permission denied in replay cache code)

Rebooting the server brings us back to previous (i.e. working) condition, but restarting the (ldap and kerberos-related) services one by one doesn't. I would apreciate any ideas on how to proceed with troubleshooting this annoying problem. :-(

I'm testing this on rather standard Mandrake Linux 9.2 install, with following software installed:

cyrus-SASL  v2.1.15
OpenLDAP v2.1.22
(MIT) Kerberos v1.3

thx
        Denis
--
T-Mobile Austria GmbH,
Information Technologies / Services
Knowledge Management & Process Automation

Dr. Denis Havlik,                             eMail: denis.havlik@t-mobile.at
Rennweg 12, Zi. 444                       Phone: +43-1-79-585/6237          
A-1030 Vienna                                  Fax: +43-1-795-85/6584