[Date Prev][Date Next] [Chronological] [Thread] [Top]

GSSAPI authentication not working any more


Some months ago I installed OpenLDAP 2.1.22 on a NetBSD system and
configured GSSAPI authentication for write access to the directory.
Everything worked fine; after I've added initial data, nobody had
to write to the directory, everybody only read from it which was
allowed with simple authentication.

Today I wanted to update some data and noticed GSSAPI authentication
isn't working any more. I don't know exactly which libraries were
updated since I successfully authenticated using GSSAPI the last time,
but SASL libraries are quite new. I tested GSSSAPI authentication using
the sample/sample-(server|client) from Cyrus SASL, which worked fine.
OpenLDAP ist still the same 2.1.22 version.

An excerpt from slapd.conf's database section of the database which
I can't authenticate to anymore:

rootdn "uid=jukka,cn=gssapi,cn=auth"
access to *
  by dn.base="uid=jukka,cn=gssapi,cn=auth" write
  by * read

$ ldapsearch -x
[...works fine...]
$ ldapsearch
ldap_sasl_interactive_bind_s: No such attribute (16)


Any help is appreciated!

TIA, Jukka

bashian roulette:
$ ((RANDOM%6)) || rm -rf ~