[Date Prev][Date Next] [Chronological] [Thread] [Top]

GSSAPI fails?

To: openldap-software@OpenLDAP.org
Subject: GSSAPI fails?
From: Sensei <senseiwa@tin.it>
Date: Mon, 10 May 2004 14:55:51 +0200

Hi.

I've set up a kerberos realm and now I'm trying to make openldap use k5
credential, without success.

First, I'm using debian stable, so I'm using ldap 2.0.23. I know it has
some incompatibilities and so I have NO suffix (base DN).

My realm is PLM.A.B.COM, the ldap/kdc server is plm.a.b.com. I can log
in with a ldap user, it gets the right tickets, but when I try to modify
my loginShell attribute I get this:


$ ldapmodify -v -f user.ldif
SASL/GSSAPI authentication started
SASL SSF: 56
SASL installing layers
modifying entry "uid=ldaptest"
replace loginShell:
        /bin/bash
ldap_modify: Insufficient access

ldif_record() = 50
$


What should I do?

-- 
Sensei    <mailto:senseiwa@tin.it>
          <icqnum:241572242>
          <msn-id:Sensei_Sen@hotmail.com>
Error: Keyboard not found. Press F1 to continue...

Follow-Ups:
- Re: GSSAPI fails?
  - From: Diego Julian Remolina <dijuremo@math.gatech.edu>
- Re: GSSAPI fails?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: OpenLDAP 2.1 (?) on RedHat Enterprise summary
Next by Date: Re: grep-ldif script
Index(es):
- Chronological
- Thread