[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap_int_sasl_open (ITS#1586)

Full_Name: Jim Campbell
Version: 2.018
OS: Solaris 2.x
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

I have a problem with ldap and GSSAPI:

The problem relates to the ldap sasl initiating with a name which is NOT
fully qualified (hence getting request for TGS ticket for wrong principle)

ldapsearch -d 999 -Y GSSAPI -I -H 'ldap://npsmx.ph.bham.ac.uk'
ldap_interactive_sasl_bind_s: user selected: GSSAPI
ldap_int_sasl_bind: GSSAPI
ldap_connect_to_host: npsmx.ph.bham.ac.uk
ldap_pvt_gethostbyname_a: host=npsmx.ph.bham.ac.uk, r=0
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_ndelay_on: 4
ldap_ndelay_off: 4
ldap_int_sasl_open: host=npsmx
SASL/GSSAPI authentication started
SASL Interaction
Please enter your authorization name: 
ldap_sasl_interactive_bind_s: Local error

2002-02-07T11:17:56 Server not found in database: ldap/npsmx@NP.PH.BHAM.AC.UK:
No such file or direc

The entry requested should be ldap/npsmx.ph.bham.ac.uk@NP.PH.BHAM.AC.UK

Funnily enough if I fudge this then things get started but SLAPD itself looks
for the correct entry!!

kadmin> add -r ldap/npsmx