[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: ldapadd SASL(-1): generic failure: GSSAPI Error:
- To: "Stewart Walker" <swalker@caspercollege.edu>, <openldap-software@OpenLDAP.org>
- Subject: RE: ldapadd SASL(-1): generic failure: GSSAPI Error:
- From: "Chapman, Kyle" <Kyle_Chapman@G1.com>
- Date: Wed, 21 Apr 2004 18:18:34 -0400
- Content-class: urn:content-classes:message
- Importance: normal
- Thread-index: AcQn7R8cMw5j2PvQToKe+ITCF89awAAAycyA
- Thread-topic: ldapadd SASL(-1): generic failure: GSSAPI Error:
are you trying to use sasl/gssapi to do the ldapadd, or do you want to use a simple bind? are you sure sasl/gssapi is working (can you do an ldapsearch with that mech). have you created the ldap principal in your kerberos db?
-----Original Message-----
From: Stewart Walker [mailto:swalker@caspercollege.edu]
Sent: Wednesday, April 21, 2004 6:08 PM
To: openldap-software@OpenLDAP.org
Subject: ldapadd SASL(-1): generic failure: GSSAPI Error:
Redhat Linux ES3
OpenLDAP-2.1.22-8
I've been searching, reading the man pages and am unable
to find out why ldapadd refuses to add these entries on
this test machine.
I can connect using both ldap browser and
directory administrator.. LDAP Directory Management tool
but there is nothing to look at :>(
Believe things are setup to use plain text passwords
unless I missed something..
Was wondering if someone could be so kind and help me out.
Thanks in advance.
ldapadd -S ldif_error -v -D /
"cn=Manager,ou=ldap1,ou=test_server,o=caspercollege,c=edu" /
-f defineroot.ldif -w secret
or
[root@test_server test]# ldapadd -f defineroot.ldif
and both return
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (82)
additional info: SASL(-1): generic failure: GSSAPI Error:
Miscellaneous failure (No credentials cache found)
[root@test_server test]#
on this ldif file
dn: o=caspercollege,c=edu
objectclass: top
objectclass: organization
o: caspercollege
dn: ou=test_server,o=caspercollege,c=edu
ou: test_server
objectclass: organizationalUnit
objectclass: top
description: Administrative Services Linux Server
dn: ou=ldap1,ou=test_server,o=caspercollege,c=edu
ou: ldap1
objectclass: organizationalUnit
objectclass: top
description: Administrative Services LDAP Server
#
#
/etc/openldap/ldap.conf
#
#
# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.4.8.6
2000/09/05 17:54:38
kurt Exp $
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
HOST 127.0.0.1
BASE ou=ldap1,ou=test_server,o=caspercollege,c=edu
#
#
snipit of /etc/openldap/slapd.conf
#
# database ldbm
database bdb
suffix "ou=ldap1,ou=test_server,o=caspercollege,c=edu"
rootdn
"cn=Manager,ou=ldap1,ou=test_server,o=caspercollege,c=edu"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
\\|//
-(@ @)-
===oOO==(_)==OOo======================
Stewart Walker
swalker@caspercollege.edu
NOTICE: This E-mail may contain confidential information. If you are not
the addressee or the intended recipient please do not read this E-mail
and please immediately delete this e-mail message and any attachments
from your workstation or network mail system. If you are the addressee
or the intended recipient and you save or print a copy of this E-mail,
please place it in an appropriate file, depending on whether
confidential information is contained in the message.