[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_int_sasl_open (ITS#1586)

At 03:37 AM 2002-02-07, J.Campbell@bham.ac.uk wrote:
>Full_Name: Jim Campbell
>Version: 2.018
>OS: Solaris 2.x
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (
>I have a problem with ldap and GSSAPI:
>The problem relates to the ldap sasl initiating with a name which is NOT
>fully qualified (hence getting request for TGS ticket for wrong principle)
>ldapsearch -d 999 -Y GSSAPI -I -H 'ldap://npsmx.ph.bham.ac.uk'
>ldap_interactive_sasl_bind_s: user selected: GSSAPI
>ldap_int_sasl_bind: GSSAPI
>ldap_connect_to_host: npsmx.ph.bham.ac.uk
>ldap_pvt_gethostbyname_a: host=npsmx.ph.bham.ac.uk, r=0
>ldap_new_socket: 4
>ldap_prepare_socket: 4
>ldap_connect_to_host: Trying
>ldap_connect_timeout: fd: 4 tm: -1 async: 0
>ldap_ndelay_on: 4
>ldap_ndelay_off: 4
>ldap_int_sasl_open: host=npsmx
>SASL/GSSAPI authentication started
>SASL Interaction
>Please enter your authorization name: 
>ldap_sasl_interactive_bind_s: Local error
>2002-02-07T11:17:56 Server not found in database: ldap/npsmx@NP.PH.BHAM.AC.UK:
>No such file or direc
>The entry requested should be ldap/npsmx.ph.bham.ac.uk@NP.PH.BHAM.AC.UK

This is because gethostbyaddr() returned "npsmx" not "npsmx.ph.bham.ac.uk".
You need to fix your configuration so the appropriate domain name
is returned for the server's address.