[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with SASL and GSSAPI

There was a thread started by Jean-Eric Cuendet back in March with
this subject that ended without complete resolution and was started by
this message:


I have found myself with a similar scenario (Permission denied in
gss_acquire_cred) and I have found it happens when slapd runs as non
root.  Current OpenLDAP packages by RedHat do this.

The workaround consists in using a different keytab owned by the user
slapd runs as.

I have sketched the whole method at:


This answer comes a little late, but search engines did not return
easily pointers to the needed answer, that is learning about the
KRB5_KTNAME environment varibale.  As a matter of fact, the answer
most likely to be found is that there is no solution.