[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Client reports "Can't Contact LDAP server"

On Sun, 2002-08-25 at 10:01, Tony Earnshaw wrote:
> If, as Kurt has pointed out, this is a certificate-related problem
> (which in my own experience mostly similar problems are), the you won't
> yet have enough knowledge to know what the slapd debugging output means.
> The best choice for this is '-d 5', but all you'll see is that there is
> no ldapbind, not why.

I did see the first problem. The name it was looking for when ldapsearch

ldapsearch -H ldaps:/// -I -b "" -s base -LLL supportedSASLMechanisms

"localhost" instead of what the certificate had for host

I am still getting the GSSAPI miscellaneous error for users 'torri' (my
normal one) and 'root'. The output that I am getting now is:

(done as user 'torri' with valid Kerberos ticket)
SASL/GSSAPI Authentication started
SASL Interaction
Please enter your authorization name: (Pressed enter)
ldap_sasl_interactive_bind_s: Invalid credentials
	additional info: GSSAPI: gss_accept_sec_context: Miscellaneous failure.
Decrypt integrity check faild.