[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL/GSSAPI not working
On Tuesday, March 23, 2004, at 04:19 PM, Digant Kasundra wrote:
I am getting an invalid credentials error when doing an ldapwhoami
after
getting a kerberos ticket. Here is my setup:
OpenLDAP 2.2.6 compiled against Heimdal 0.6 with Cyrus-SASL 2.1.18
running
on Red Hat Enterprise Linux AS 3.0
...
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): authentication failure: GSSAPI
Failure:
gss_accept_sec_context
Cyrus SASL's GSSAPI errors unfortunately come out without their text,
so it's still a mystery (to me, anyway) what went wrong. You may find
something in yet another log, the KDC syslog.
The only thing that looks odd to me is
Here is what "ktutil list" tells me:
FILE:/etc/sysconfig/krb5.keytab:
Vno Type Principal Key
3 des-cbc-crc ldap/omicron.kerb.uta.edu@KERB.UTA.EDU
ad80fd80b651496b
We may be running a different Kerberos configuration here, but for
us, the keys would need to be in /etc/krb5.keytab.
Donn Cave, University Computing Services, University of Washington
donn@u.washington.edu