[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite

To: openldap-technical@openldap.org
Subject: Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
From: Allan <cr4z3d@gmail.com>
Date: Fri, 14 Aug 2009 00:01:03 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:content-type; bh=38XhJmxgEmQpoIlEiRmLnUD6uMnDyDbeKHfXMBTDBr4=; b=t+rFNLJoVjPDJpGCz6H2A1LQUIW11Y1JkJvx/m9Lm9hhNcHWQgyk6Nyj0BlGzrvgfn 0hqkm/9dpjCMJdR/cHr6k7q6zuO7hSFU2/Ko6fKqUc6X407k7Eo+n13dIJpmSDmzXsgZ MHK6aI1M03iMYb4vbf+MEFHHQvq7A3NUSjDgc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; b=mwcixegu3Cw1fLUt+HQnIwwWbjbNqTpbWsBb3QDiw+e3uT9eaNgPLdJXULjb71szno vYmJW9/pmCJwFd/ujbJ05CVbqQg03EyG18GMOuuAtG5KK2obPDsJY3bVRk6RtrHxogO7 +jADL22j07PSSMPQTyQCvIzG9/r41Yyxxzn/8=
In-reply-to: <87k519qxj3.fsf@rubin.avci.de>
References: <1401255544-1249910948-cardhu_decombobulator_blackberry.rim.net-1991802318-@bxe1148.bisx.prod.on.blackberry> <358c9f370908101356h39ab7a12l5fe054f910ccb5db@mail.gmail.com> <87ws5btl2n.fsf@rubin.avci.de> <358c9f370908102112u3424bae5x4bb1a75309cd7a1a@mail.gmail.com> <87ljlqzlc8.fsf@rubin.avci.de> <358c9f370908110626r41344c36if36c0e1715d34953@mail.gmail.com> <87d472zcns.fsf@rubin.avci.de> <4A81D7D3.60901@symas.com> <358c9f370908111831w1e6d235en322dfcf49cc0d53e@mail.gmail.com> <87k519qxj3.fsf@rubin.avci.de>

I've made sure that krb5.keytab is own by the ldap group and group readable. I've come to the conlusion that this must have something to do with SASL since kinit works with ldap users. I'm unsure of where to go from here to continue trying to get this working.

On Wed, Aug 12, 2009 at 3:52 AM, Dieter Kluenter <dieter@dkluenter.de> wrote:

Allan <cr4z3d@gmail.com> writes:

> I have both those files, however, not sure if the permissions are set
> correctly:
>
> frisbee# ls -l /etc/krb5*
> -rw-r--r-- 1 root wheel 128 Aug 7 14:09 /etc/krb5.conf
> -rw------- 1 root wheel 286 Aug 7 16:01 /etc/krb5.keytab

Usually slapd is running as a unprivileged user, thus could not read
krb5.keytab, but it may be not the case on your system.

-Dieter

--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E

Follow-Ups:
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

References:
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Howard Chu <hyc@symas.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: Allan <cr4z3d@gmail.com>
- Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: syncrepl problem?
Next by Date: Re: OpenLDAP + Kerberos on FreeBSD 7.2, close to working but not quite
Index(es):
- Chronological
- Thread