[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: gss_accept_sec_context
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Marian Chowanetz
> hi,
>
> I set up openldap+gssapi+kerberos/heimdal on two machines. On
> the first
> machine I installed all from the sources (ldap2.1.25, cyrus2.1.17,
> krb1.3.2), on the second all from the distri (SuSE 9.0). openldap runs
> (slapd -d -1), heimdal(distri)/kerberos(source) runs with
> init database,
> kinit, klist ...
>
> But the problem is the same: if I test openldap with ldapwhoami or
> ldapmodify I get the same error:
>
> SASL/GSSAPI authentication started
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
> additional info: SASL(-13): authentication failure:
> GSSAPI Failure:
> gss_accept_sec_context
>
> I've read howtos/manuals/admin guide but I couldn't find the mistake.
> I tried different settings in slapd.conf and in
> kerberos/heimdal but to no
> avail.
> I just want to get valid credentials.
>
> Any suggestions would be very appreciated...
It sounds to me like you have installed the software but you haven't created
a Kerberos principal for the LDAP service. This is a Kerberos usage question,
not an OpenLDAP issue.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support