[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems with SASL





--On Monday, March 22, 2004 3:34 PM -0600 Digant Kasundra <digant@uta.edu> wrote:

Hello everyone,

I'm trying to use SASL to authenticate users.  But, whenever I run
ldapwhoami or ldapsearch, or anything else, it fails b/c it tries to get a
ticket for ldap/omicron.uta.edu@UTA.EDU.  The correct realm is
KERB.UTA.EDU. I double checked my krb5.conf, krb.conf, and krb.realms and
they all mention KERB.UTA.EDU as the realm.  And in slapd.conf,
sasl_realm is set to KERB.UTA.EDU.  Anyone know why it is still trying to
get a ticket for the UTA.EDU realm?  Is it parsing the FQDN?

Digant,

The problem here is that your K5 realm is in violation of RFC 1510, section 7.1.

<http://www.ietf.org/rfc/rfc1510.txt>

(Posting here in case others ever see this issue as well).

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html