[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: MIT kerberos gss-client on win! pls help



Please note that this list is for discussing the development
of OpenLDAP Software.  http://www.openldap.org/lists/

If your question is specific to OpenLDAP software, please
direct it to the openldap-software mailing list.  Otherwise,
please direct your question to a list appropriate for the
question.

Thanks, Kurt

At 08:15 PM 2002-01-02, Gurlal Brar wrote:
>> hi all,
>>       i am facing a problem in running MIT gss-client on Windows NT.its
>> giving following problem 
>> 
>>       GSS-API error initializing context: Miscellaneous failure
>>       GSS-API error initializing context: Generic error (see e-text)
>>       
>> KDC is running on Solaris machine
>> host name and service name is in lower case
>> i will be very thankful to you! pls help
>> regards
>> G. BRAR
>> 
>>       
>> 
>> 
>> At 05:35 PM 11/15/00 +0100, Norbert Klasen wrote: 
>> >Hi,
>>  >the GSSAPI mechanism included in the IBM SecureWay Directory Client SDK 
>> >uses tickets in which the service component of the server principal is
>>  >in capital letters, i.e. LDAP/server@REALM.
>>  >OpenLDAP (with Cyrus SASL and MIT krb5) expects the service to be in 
>> >lower case though, i.e. ldap/server@REALM, and thus aborts with 
>> >"gss_accept_sec_context: Miscellaneous failure; Wrong principal in 
>> >request;"
>>  >rfc1510, 7.2.1 states that the hostname must be in lower case, but what 
>> >about the service name? It should be lower case as well. Kurt 
>>