[Date Prev][Date Next] [Chronological] [Thread] [Top]

additional info: SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context

I'm now trying to get OpenLDAP v2.1.13 to work with KTH Heimdal KDC.

I got the same thing once when I was trying MIT Kerberos V, but that
time it was because I was running as 'root' with ticket for 'turbo'.
This time, with Heimdal, I'm doing it as 'turbo' with ticket for 'turbo',
so I'm stumped... Any idea anyone?

----- s n i p -----
turbo@majorskan:~$ kdestroy
turbo@majorskan:~$ klist
klist: No ticket file: /tmp/krb5cc_1000

   V4-ticket file: /tmp/tkt1000
klist: No ticket file (tf_util)
turbo@majorskan:~$ file /tmp/krb5cc_1000
/tmp/krb5cc_1000: can't stat `/tmp/krb5cc_1000' (No such file or directory).
turbo@majorskan:~$ kinit
turbo@BAYOUR.COM's Password:
kinit: converting creds: Cannot contact any KDC for requested realm
turbo@majorskan:~$ klist
Credentials cache: FILE:/tmp/krb5cc_1000
        Principal: turbo@BAYOUR.COM

  Issued           Expires          Principal
Mar  3 09:51:28  Mar  3 19:51:23  krbtgt/BAYOUR.COM@BAYOUR.COM
Mar  3 09:51:30  Mar  3 19:51:23  krbtgt/BAYOUR.COM@BAYOUR.COM

   V4-ticket file: /tmp/tkt1000
klist: No ticket file (tf_util)
turbo@majorskan:~$ ldapsearch -U turbo -LLL -h majorskan objectclass=*
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)
        additional info: SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context
turbo@majorskan:~$ klist
Credentials cache: FILE:/tmp/krb5cc_1000
        Principal: turbo@BAYOUR.COM

  Issued           Expires          Principal
Mar  3 09:51:28  Mar  3 19:51:23  krbtgt/BAYOUR.COM@BAYOUR.COM
Mar  3 09:51:30  Mar  3 19:51:23  krbtgt/BAYOUR.COM@BAYOUR.COM
Mar  3 09:51:50  Mar  3 19:51:23  ldap/majorskan.bayour.com@BAYOUR.COM

   V4-ticket file: /tmp/tkt1000
klist: No ticket file (tf_util)
----- s n i p -----