Re: SASL added principles to Kerberos cache but returned error.

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Thursday, June 03, 2004 10:06 PM +0800 The Shell 
<samwun@hgcbroadband.com> wrote:

> Hi,
>
> I just tested SASL 2.1.18, change the host and service name to be the
> same name during the testing of the sample client and server, it actually
> added the new principles to the kerberos cache (running Heimdal Kerberos
> 5, the latest version as I downloaded today).
> The klist shown the following new principles had been added to the
> kerberos cache:
>
> root@fbsd [7:26pm] [...cyrus-sasl-2.1.18/sample]# klist
> Credentials cache: FILE:/tmp/krb5cc_0
>        Principal: sam@ROCK.COM
>
>  Issued           Expires          Principal               Jun  3
> 17:17:53  Jun  3 23:57:53  krbtgt/ROCK.COM@ROCK.COM  Jun  3 17:18:53  Jun
> 3 23:57:53  host/fbsd.rock.com@ROCK.COM
> Jun  3 18:46:25  Jun  3 23:57:53  root/fbsd.rock.com@ROCK.COM
> Jun  3 19:15:24  Jun  3 23:57:53  sam/fbsd.rock.com@ROCK.COM
>
> The last three Principals were added during the test of sample client and
> server in Cyrul-sasl 2.1.18.
> But but the test still returned error such as:
> lt-sample-client: SASL Other: GSSAPI Error:  A token was invalid (Unknown
> error: 0)
> lt-sample-client: Performing SASL negotiation: generic failure
>
> What should I do to fix this problem? I m afraid this will bring in other
> problem when I further configure OpenLdap.

Sam,

Until you fully get cyrus-sasl working, you need to move your discussion to 
the list dedicated to answering questions about problems with Cyrus-SASL. 
This list is purposed to OpenLDAP, not Cyrus-SASL.

See:

<http://asg.web.cmu.edu/sasl/#mailinglists>

For more information.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html