[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL GSSAPI authentication error -please help
At 02:09 PM 8/19/2004, Turbo Fredriksson wrote:
>Quoting "Mohan" <mohan@roomsnet.com>:
>> I added the following line to slapd.conf
>>
>> rootdn "uid=ldapadmin,cn=RMSNET.COM,cn=gssapi,cn=auth"
>
>Remove this (and add ACL/ACI's instead).
why?
>> pdc:~# ldapsearch
>> SASL/GSSAPI authentication started
>> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>> additional info: SASL(-13): authentication failure: GSSAPI Failure:
>> gss_accept_sec_context
>
>
>Try to run 'ldapwhoami'.
Wise to always start with ldapwhoami(8) when toying with IDs.
I suspect it would show the same error as it part of the
authentication exchange.
>You will need a 'sasl-regexp' in your slapd.conf file.
Not so. Authentication DNs may be used as authorization
DNs, if so desired.
>sasl-regexp
> uid=(.*),cn=(.*),cn=gssapi,cn=auth
> ldap:///dc=$2,dc=com??sub?(uid=$1)
>
>This just from the top of my head...