maybe you should take a look at the debug-output of slapd first.
as long as sasl does not work, i do not mention slapd ;-)
but: slapd runs fine if I neglect the authentification problem by sasl
BjÃrn Nachtwey schrieb:
Dear all,
I set up a ldap server and want to use sasl/kerberos5 for
authetification.
you mean: gssapi
no, i mean kerberos5
well, using debian/etch it works fine.
using scientific linux 5.1 (SL5.1) it does not work, not even
testsaslauthd works.
the configuration of both systems is the same,
snippets of the config-files...
cat /etc/krb5.conf @ SL-machine:
[realms]
TU-BS.de = {
kdc = rzkrb1.rz.tu-bs.de
kdc = rzkrb2.rz.tu-bs.de
admin_server = rzafs7.rz.tu-bs.de
}
[domain_realm]
tu-bs.de = TU-BS.de
.tu-bs.de = TU-BS.de
cat /etc/krb5.conf @ Debian/Etch:
[realms]
TU-BS.DE = {
kdc = rzkrb1.rz.tu-bs.de
admin_server = rzafs7.rz.tu-bs.de
}
[domain_realm]
.tu-bs.de = TU-BS.DE
tu-bs.de = TU-BS.DE
cat /etc/default/saslauthd @ Debian/Etch:
START=yes
MECHANISMS="kerberos5"
MECH_OPTIONS=""
THREADS=3
OPTIONS="-c"
cat /etc/sysconfig/saslauthd @ SL51
SOCKETDIR=/var/run/saslauthd
MECH=kerberos5
FLAGS=
but it's the same if I do the saslauthd start with
saslauthd -a kerberos5 -n 1
on both maschines: debian works, SL does not :-(
thanks,
BjÃrn
besides hostname gives on
debian just the name and on SL5.1 the FQN.
i also tried to compile cyrus/sasl from sources -- just the same.
sl being a clone of RHEL, does anyone have the same problem?
does anyone have any idea?
thanks & best regards,
BjÃrn
____________
Virus checked by G DATA AntiVirusKit
Version: AVK 18.4023 from 05.06.2008
Virus news: www.antiviruslab.com