I am running OpenLDAP 2.2.13. I am having a problem getting TLS to work. I
have done numerous searches, but most web pages seem to deal with
LDAP/Kerberos issues. We do not run Kerberos. I am only trying to prevent
passwords from being sent in the clear.

I have followed the instructions on this page:

    http://www.ibm.com/developerworks/linux/library/l-openldap/

I am able to run ldapsearch with simple auth:

    ldapsearch -x

but am not able to do any of the following:

    ldapsearch
    ldapsearch -X u:myuid
    ldapsearch -X dn:uid=myuid,ou=People,dc=example,dc=com

The error is (with "-d 255"):

    ...
    SASL/GSSAPI authentication started
    ldap_perror
    ldap_sasl_interactive_bind_s: Local error (-2)
    additional info: SASL(-1): generic failure: GSSAPI Error:
    Miscellaneous failure (No credentials cache found)

It looks like the server is running fine. But, the logs don't really indicate
what the problem is. (It seems to be more of a client issue, but still the
server should give some hint in the logs.)
If you need more debugging info, just let me know.
Any help would be greatly appreciated.
TIA
Craig