[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_int_sasl_open (ITS#1586)

To: openldap-its@OpenLDAP.org
Subject: Re: ldap_int_sasl_open (ITS#1586)
From: Kurt@OpenLDAP.org
Date: Sat, 9 Feb 2002 04:24:53 GMT

At 03:37 AM 2002-02-07, J.Campbell@bham.ac.uk wrote:
>Full_Name: Jim Campbell
>Version: 2.018
>OS: Solaris 2.x
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (147.188.40.2)
>
>
>I have a problem with ldap and GSSAPI:
>
>The problem relates to the ldap sasl initiating with a name which is NOT
>fully qualified (hence getting request for TGS ticket for wrong principle)
>
>ldapsearch -d 999 -Y GSSAPI -I -H 'ldap://npsmx.ph.bham.ac.uk'
>ldap_create
>ldap_url_parse_ext(ldap://npsmx.ph.bham.ac.uk)
>ldap_interactive_sasl_bind_s: user selected: GSSAPI
>ldap_int_sasl_bind: GSSAPI
>ldap_new_connection
>ldap_int_open_connection
>ldap_connect_to_host: npsmx.ph.bham.ac.uk
>ldap_pvt_gethostbyname_a: host=npsmx.ph.bham.ac.uk, r=0
>ldap_new_socket: 4
>ldap_prepare_socket: 4
>ldap_connect_to_host: Trying 147.188.41.18:389
>ldap_connect_timeout: fd: 4 tm: -1 async: 0
>ldap_ndelay_on: 4
>ldap_ndelay_off: 4
>ldap_int_sasl_open: host=npsmx
>SASL/GSSAPI authentication started
>SASL Interaction
>Please enter your authorization name: 
>ldap_perror
>ldap_sasl_interactive_bind_s: Local error
>
>2002-02-07T11:17:56 Server not found in database: ldap/npsmx@NP.PH.BHAM.AC.UK:
>No such file or direc
>tory
>
>The entry requested should be ldap/npsmx.ph.bham.ac.uk@NP.PH.BHAM.AC.UK

This is because gethostbyaddr() returned "npsmx" not "npsmx.ph.bham.ac.uk".
You need to fix your configuration so the appropriate domain name
is returned for the server's address.

Prev by Date: Re: National characters isn't case insensitive searchable (ITS#1584)
Next by Date: Re: atexit-handler causes segfault when dlopen-ed libldap is unloaded prior to program termination (ITS#1577)
Index(es):
- Chronological
- Thread