Fwd: ldap_sasl_interactive_bind_s: Other (e.g., implementation specific ) error (80)

[Fabien COMBERNOUS <fcombernous@kezia.com>]

Here a test. I didn't receive my own mail.

This mail was it received by the list ?

-------- Original Message --------
Subject: 	ldap_sasl_interactive_bind_s: Other (e.g., implementation 
specific ) error (80)
Date: 	Tue, 05 Jul 2011 17:52:54 +0200
From: 	Fabien COMBERNOUS <fcombernous@kezia.com>
To: 	openldap-technical@openldap.org



Hi There,

I have an openldap master (hosted by server) and an openldap replica
(hosted by replica). Authentication use SASL/GSSAPI with kerberos.

On the master i get the following output :
server:~ admin$ kinit root
Please enter the password for root@SERVER.LAN:
server:~ admin$ ldapsearch -b cn=mounts,dc=server,dc=lan
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific )
error (80)


On the replica all looks fine :
replica:~ admin$ kinit root
Please enter the password for root@SERVER.LAN:
server:~ admin$ ldapsearch -b cn=mounts,dc=server,dc=lan
SASL/GSSAPI authentication started
SASL username: root@SERVER.LAN
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base<cn=mounts,dc=server,dc=lan>  with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
etc ...

I saw some thread on mailing list that say to take care of owner, groups
and permissions of files krb5.keytab and database. All looks good in
this side.

Any other areas to check ?

Regards,
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com<http://www.kezia.com/>
*Tel: +33 (0) 467 992 986*
Kezia Group