[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Client reports "Can't Contact LDAP server"

To: Tony Earnshaw <tonni@billy.demon.nl>
Subject: Re: Client reports "Can't Contact LDAP server"
From: Stephen Torri <storri@sbcglobal.net>
Date: 27 Aug 2002 21:21:42 -0500
Cc: openldap <openldap-software@OpenLDAP.org>, Howard Chu <hyc@symas.com>
In-reply-to: <1030287708.1470.79.camel@billy.demon.nl>
References: <5.1.0.14.0.20020824210521.03b024e0@127.0.0.1> <1030281505.1653.1.camel@base.torri.linux> <1030287708.1470.79.camel@billy.demon.nl>

On Sun, 2002-08-25 at 10:01, Tony Earnshaw wrote:

> If, as Kurt has pointed out, this is a certificate-related problem
> (which in my own experience mostly similar problems are), the you won't
> yet have enough knowledge to know what the slapd debugging output means.
> The best choice for this is '-d 5', but all you'll see is that there is
> no ldapbind, not why.

I did see the first problem. The name it was looking for when ldapsearch
was:

ldapsearch -H ldaps:/// -I -b "" -s base -LLL supportedSASLMechanisms

"localhost" instead of what the certificate had for host
"alpha.torri.linux.

I am still getting the GSSAPI miscellaneous error for users 'torri' (my
normal one) and 'root'. The output that I am getting now is:

(done as user 'torri' with valid Kerberos ticket)
SASL/GSSAPI Authentication started
SASL Interaction
Please enter your authorization name: (Pressed enter)
ldap_sasl_interactive_bind_s: Invalid credentials
	additional info: GSSAPI: gss_accept_sec_context: Miscellaneous failure.
Decrypt integrity check faild.

Stephen

References:
- Re: Client reports "Can't Contact LDAP server"
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Client reports "Can't Contact LDAP server"
  - From: Stephen Torri <storri@sbcglobal.net>
- Re: Client reports "Can't Contact LDAP server"
  - From: Tony Earnshaw <tonni@billy.demon.nl>

Prev by Date: Re: newbie question. SASL auth.
Next by Date: RE: Client reports "Can't Contact LDAP server"
Index(es):
- Chronological
- Thread