[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP, SASL2, and KERBEROS5
I am able to 'kinit' correctly because I used it
when I verified SASL with 'server' and 'client'
authorization.
I init and export KRB5_KTNAME env in '/etc/sysconfig/ldap',
like so,
export KRB5_KTNAME = /etc/krb5.keytab.
In '/etc/init.d/ldap', I have lines like,
if [ -r /etc/sysconfig/ldap ] then;
. /etc/sysconfig/ldap
fi
But, now I notice there are lines in '/etc/init.d/ldap'
for which am not certain why they are there.
I will investigate and advise. At least I am moving again
and thanks for your help.
You are able to kinit correctly, and it seems the only failing
stuff is the LDAP authentication. This, combined with the error you
posted, makes me think you must have indicated OpenLDAP a location
where it cannot find its keytab. How are you telling OpenLDAP where to
fins its keytab? Do you have a KRB5_KTNAME environmente variable
defined? Where does it point?
Best regards
Jose
O Plameras wrote:
Initially, I have my keytab in /etc/openldap/ldap.keytab.
Then, I deleted it and have it in /etc/krb5.keytab.
I still get the same problem.