[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite

To: Dieter Kluenter <dieter@dkluenter.de>
Subject: Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
From: Howard Chu <hyc@symas.com>
Date: Tue, 11 Aug 2009 13:42:59 -0700
Cc: Allan <cr4z3d@gmail.com>, openldap-technical@openldap.org
In-reply-to: <87d472zcns.fsf@rubin.avci.de>
References: <1401255544-1249910948-cardhu_decombobulator_blackberry.rim.net-1991802318-@bxe1148.bisx.prod.on.blackberry> <358c9f370908101356h39ab7a12l5fe054f910ccb5db@mail.gmail.com> <87ws5btl2n.fsf@rubin.avci.de> <358c9f370908102112u3424bae5x4bb1a75309cd7a1a@mail.gmail.com> <87ljlqzlc8.fsf@rubin.avci.de> <358c9f370908110626r41344c36if36c0e1715d34953@mail.gmail.com> <87d472zcns.fsf@rubin.avci.de>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; rv:1.9.1b5pre) Gecko/20090809 SeaMonkey/2.0a1pre Firefox/3.0.3

Dieter Kluenter wrote:

Allan<cr4z3d@gmail.com>  writes:

Seems like slapd is linked to gssapi and sasl. Are there simply command line
options I'm missing to start up slapd?

frisbee# ldd /usr/local/libexec/slapd
/usr/local/libexec/slapd:
     libldap_r-2.4.so.6 =>  /usr/local/lib/libldap_r-2.4.so.6 (0x2820b000)
     liblber-2.4.so.6 =>  /usr/local/lib/liblber-2.4.so.6 (0x28250000)
     libdb-4.6.so.0 =>  /usr/local/lib/libdb-4.6.so.0 (0x2825d000)
     libsasl2.so.2 =>  /usr/local/lib/libsasl2.so.2 (0x28385000)
     libgssapi.so.9 =>  /usr/lib/libgssapi.so.9 (0x2839c000)


This seem to be different libraries than the sasl libraries, as below:

/usr/local/lib/sasl2/libgssapiv2.a
/usr/local/lib/sasl2/libgssapiv2.la
/usr/local/lib/sasl2/libgssapiv2.so
/usr/local/lib/sasl2/libgssapiv2.so.2

These usually are dynamically loaded by libsasl2, so they would never bedirectly linked into the slapd (or any other) binaries.

Most likely the gssapi plugin is not initializing itself, maybe because thereis no krb5.conf file, or because there is no keytab with slapd's key inside,or the files are not readable by slapd, etc...


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>

References:
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: ppolicy and ACLs of pwdAccountLockedTime?
Next by Date: Re: LDAP stopping without apparent reason
Index(es):
- Chronological
- Thread