[Date Prev][Date Next] [Chronological] [Thread] [Top]

GSSAPI fails?



Hi.

I've set up a kerberos realm and now I'm trying to make openldap use k5
credential, without success.

First, I'm using debian stable, so I'm using ldap 2.0.23. I know it has
some incompatibilities and so I have NO suffix (base DN).

My realm is PLM.A.B.COM, the ldap/kdc server is plm.a.b.com. I can log
in with a ldap user, it gets the right tickets, but when I try to modify
my loginShell attribute I get this:


$ ldapmodify -v -f user.ldif
SASL/GSSAPI authentication started
SASL SSF: 56
SASL installing layers
modifying entry "uid=ldaptest"
replace loginShell:
        /bin/bash
ldap_modify: Insufficient access

ldif_record() = 50
$


What should I do?

-- 
Sensei    <mailto:senseiwa@tin.it>
          <icqnum:241572242>
          <msn-id:Sensei_Sen@hotmail.com>
Error: Keyboard not found. Press F1 to continue...