[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with SASL and GSSAPI



Hi,
I have configured my 2.0.7 OpenLDAP server with SASL/GSSAPI
But I'm having errors which I dont understand. I tried to find informations
on the web, in mailing-lists, wihtout success. So, help would be
appreciated.

Here are the results of my commands:

[root@testbed openldap]#
[root@testbed openldap]# ldapmodify -x -D "cn=Manager,dc=linkvest,dc=com" -w
asd -f sample.ldif -r
modifying entry "dc=linkvest,dc=com"

modifying entry "cn=Manager,dc=linkvest,dc=com"

modifying entry "dc=Users,dc=linkvest,dc=com"
ldap_modify: No such object
        matched DN: "dc=linkvest,dc=com"

ldif_record() = 32

[root@testbed openldap]# klist
klist: No credentials cache file found (ticket cache FILE:/tmp/krb5cc_0)


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

[root@testbed openldap]# ldapmodify -D "cn=Manager,dc=linkvest,dc=com" -f
sample.ldif -r -W
Enter LDAP Password:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error

[root@testbed openldap]# kinit jec
Password for jec@LINKVEST.COM:

[root@testbed openldap]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: jec@LINKVEST.COM
 
Valid starting     Expires            Service principal
03/16/01 18:41:26  03/17/01 04:41:26  krbtgt/LINKVEST.COM@LINKVEST.COM
 
 
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

[root@testbed openldap]# ldapmodify -D "cn=Manager,dc=linkvest,dc=com" -f
sample.ldif -r -W
Enter LDAP Password:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Unknown error
        additional info: GSSAPI: gss_acquire_cred: Miscellaneous failure;
Permission denied;

[root@testbed openldap]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: jec@LINKVEST.COM
 
Valid starting     Expires            Service principal
03/16/01 18:41:26  03/17/01 04:41:26  krbtgt/LINKVEST.COM@LINKVEST.COM
03/16/01 18:41:33  03/17/01 04:41:26  ldap/testbed.linkvest.com@LINKVEST.COM
03/16/01 18:41:33  03/17/01 04:41:26  ldap/testbed.linkvest.com@LINKVEST.COM
 
 
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

Any idea?
Thanks.
-jec



_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
Jean-Eric Cuendet
Linkvest SA
Av des Baumettes 19, 1020 Renens Switzerland
Tel +41 21 632 9043  Fax +41 21 632 9090
http://www.linkvest.com  E-mail: jean-eric.cuendet@linkvest.com
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _