[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Kerberos, GSSAPI Miscellaneous failure
--On Friday, September 16, 2005 8:11 PM -0400 nclark1@gmu.edu wrote:
Trying to get openldap working with MIT Kerberos authentication but keep
getting the following error when connecting:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error
(80) additional info: SASL(-1): generic failure: GSSAPI Error:
Miscellaneous failure (Resource temporarily unavailable)
I have created and set proper permissions on the ldap.keytab so that
slapd can see it
I see the following in slapd.conf:
Sep 16 20:05:52 socrates slapd[6365]: SASL [conn=9] Failure: GSSAPI
Error: Miscellaneous failure (Resource temporarily unavailable) Sep 16
20:05:52 socrates slapd[6365]: send_ldap_result: conn=9 op=1 p=3 Sep 16
20:05:52 socrates slapd[6365]: send_ldap_result: err=80 matched=""
text="SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure
(Resource temporarily unavailable)"
I suggest using the cyrus-sasl client & server programs to get your
SASL/GSSAPI authentication working before trying to get it working with
OpenLDAP.
Note that the kerberos on the OL system is likely trying to find the ldap/*
principal in the krb5.keytab file.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin