[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ldap error

--On Tuesday, April 08, 2003 1:22 PM -0400 "Yelich, Scott D." <syelich@commerzbank-usa.com> wrote:

       additional info: SASL(-1): generic failure: GSSAPI Error:
       Miscellaneous failure (No principal in keytab matches desired

With the above command/error -- how does one find out which "principal" the sasl/gssapi is

using?!  if it doesn't tell you, how the hell are you supposed to be able
to add it?  -d on slapd doesn't tell.

truss on slapd and truss on ldapsearch don't tell.


From your email, and the error you are reporting, my guess is you have not
read how to set up LDAP using K5. You don't really give any useful information to the version of OpenLDAP you are running, or if you have compiled it against K5 and cyrus-sasl.

This page is a bit out of date, but it may give you some help.

I'm planning on putting together some pages on how to set up OpenLDAP in a kerberized environment, but haven't had the time to do so yet.

For future reference, for K5 enabled OpenLDAP, it requires an ldap principle to exist in your keytab file.


Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html