[Date Prev][Date Next]
Re: Client reports "Can't Contact LDAP server"
On Sun, 2002-08-25 at 10:01, Tony Earnshaw wrote:
> If, as Kurt has pointed out, this is a certificate-related problem
> (which in my own experience mostly similar problems are), the you won't
> yet have enough knowledge to know what the slapd debugging output means.
> The best choice for this is '-d 5', but all you'll see is that there is
> no ldapbind, not why.
I did see the first problem. The name it was looking for when ldapsearch
ldapsearch -H ldaps:/// -I -b "" -s base -LLL supportedSASLMechanisms
"localhost" instead of what the certificate had for host
I am still getting the GSSAPI miscellaneous error for users 'torri' (my
normal one) and 'root'. The output that I am getting now is:
(done as user 'torri' with valid Kerberos ticket)
SASL/GSSAPI Authentication started
Please enter your authorization name: (Pressed enter)
ldap_sasl_interactive_bind_s: Invalid credentials
additional info: GSSAPI: gss_accept_sec_context: Miscellaneous failure.
Decrypt integrity check faild.