[Date Prev][Date Next]
RE: Problems with OpenLDAP 2.1.4 and Kerberos
--On Thursday, September 19, 2002 12:36 PM -0700 Anthony Brock
Setting the debug flag to -1 didn't appears to increase the output.
Thanks for the information concerning the "-I" flag. I was under a
different impression from the LDAP-Kerberos HOWTO.
Could this be an issue with our Active Directory setup? I'm intrigued by
the suggestion concerning the ldap/host@realm ticket (basically, I'm
grasping at straws).
Also, does anyone know how to better troubleshoot the SASL libraries? I
again tried the sample programs included with SASL v2, and they appeared
to work fine. Of course, this was when connecting to a UNIX server, not
a W2K server.
I'd be more curious about the keytab issue rather than the ticket. I guess
I'm not quite sure what you are doing. You are connecting to active
directory with the openldap ldapsearch binary? Or you are connecting to an
openldap server running on Windows? In the former case, neither the keytab
nor the ticket will do anything for you. In the latter, you definately
need the K5 ldap/<host> keytab.
Senior Systems Administrator
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html