I have searched, read, google'd, et.al. and am at a loss. All that I want to do at this time is use ldapsearch with gssapi. The output is attached. I created the keytab entry for the FQDN, but oddly, I had to use just ldap/host without the dns domain name. That really does not matter, but it is in the output. After running the first ldapsearch, I see the ticket for the ldap server, service principal ldap/sws602@MCSUN.LOCAL. The kdc is happy and records the TGS_REQ as successful. But this line from ldapsearch debug output is most puzzling: ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80) additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (File exists) Help, Alex --
Attachment:
ldapsearch.out
Description: Binary data