[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems with SASL

--On Monday, March 22, 2004 3:34 PM -0600 Digant Kasundra <digant@uta.edu> wrote:

Hello everyone,

I'm trying to use SASL to authenticate users.  But, whenever I run
ldapwhoami or ldapsearch, or anything else, it fails b/c it tries to get a
ticket for ldap/omicron.uta.edu@UTA.EDU.  The correct realm is
KERB.UTA.EDU. I double checked my krb5.conf, krb.conf, and krb.realms and
they all mention KERB.UTA.EDU as the realm.  And in slapd.conf,
sasl_realm is set to KERB.UTA.EDU.  Anyone know why it is still trying to
get a ticket for the UTA.EDU realm?  Is it parsing the FQDN?


The problem here is that your K5 realm is in violation of RFC 1510, section 7.1.


(Posting here in case others ever see this issue as well).


Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html