
Re: ldap error



On Apr 8 at 12:23pm, Yelich, Scott D. wrote:

> Miscellaneous failure (No principal in keytab matches desired name)

Here's what to look for:

1) you have done a kinit (klist shows you have a credential)?
2) the LDAP server has a keytab file that has an entry in it for the 
principal ldap/MACHINE_NAME@REALM  (where MACHINE_NAME is the name of 
your ldap server and REALM is your Kerberos Realm)?
3) the keytab file is readable by the userid running slapd?
4) if the keytab file is not the default (/etc/krb5.keytab on my system) 
then the environment variable (KRB5_KTNAME) in the slapd environment 
points at it (or if your version of slapd supports it -- the slapd.conf 
file specifies where the keytab file is)?

-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===
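
The checklist above as a small script, added here as an example and not part of the original message. It assumes MIT Kerberos `klist` and is meant to run on the LDAP server as the account slapd runs under; the function names, script name and example.com values are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original message). Assumes MIT Kerberos klist.
# Run on the LDAP server as the account slapd runs under:
#   sh check_keytab.sh MACHINE_NAME REALM      (script name is hypothetical)

# Keytab in effect: KRB5_KTNAME if set, else the default named in the message.
keytab_path() {
    kt="${KRB5_KTNAME:-/etc/krb5.keytab}"
    printf '%s\n' "${kt#FILE:}"      # strip an optional FILE: type prefix
}

# Reads plain `klist -k` output on stdin; succeeds if the principal is listed.
# The comparison is exact: principal names are case-sensitive.
keytab_has_principal() {
    awk -v want="$1" '$1 ~ /^[0-9]+$/ && $2 == want { found = 1 }
                      END { exit !found }'
}

# Checks 3, 4 and 2 in that order for ldap/MACHINE_NAME@REALM.
check_slapd_keytab() {
    princ="ldap/$1@$2"
    kt="$(keytab_path)"
    if [ ! -r "$kt" ]; then
        echo "FAIL: $kt is not readable by $(id -un)"; return 1
    fi
    if ! klist -k "$kt" | keytab_has_principal "$princ"; then
        echo "FAIL: no entry for $princ in $kt"; return 1
    fi
    echo "OK: $princ found in $kt"
}

# Check 1, on the client: klist -s exits non-zero without a valid credential.
have_ticket() { klist -s; }

if [ "$#" -eq 2 ]; then
    check_slapd_keytab "$1" "$2"
else
    # Constructed `klist -k` output holding only a host/ entry.
    printf '%s\n' 'KVNO Principal' '---- ---------' \
        '   3 host/ldap.example.com@EXAMPLE.COM' |
        keytab_has_principal 'ldap/ldap.example.com@EXAMPLE.COM' ||
        echo 'sample: keytab has no ldap/ entry'
fi
```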