[Date Prev][Date Next]
RE: Need SASL idiot-proof walkthrough
I have done the sample-server and sample-client and successfully got to the
"Negotiation complete" part. But OpenLDAP is still giving me problems:
do_sasl_bind: dn () mech GSSAPI
SASL [conn=32] Failure: GSSAPI Error: Miscellaneous failure (see text)
(Decrypt integrity check failed)
The sasl tests work, kinit works, ??? I'm not sure what the problem could
be. I do have an entry for dn: uid=digant,cn=people,dc=uta,dc=edu and my
slapd.conf file has the following:
(I do notice that the bind dn is "" which makes me think my sasl-regexp is
From: Quanah Gibson-Mount
To: Digant Kasundra; 'email@example.com'
Sent: 3/26/2004 11:16 AM
Subject: Re: Need SASL idiot-proof walkthrough
--On Friday, March 26, 2004 10:21 AM -0600 Digant Kasundra
> Hello everyone,
> So far, no one has been able to decipher my SASL problem from my
> of log files and conf files etc. I have even cleanly reinstalled my
> machines. There is something basic and simple and stupid that I must
> missing. Can someone please give me a step-by-step walkthrough based
> the following information so I could make doubly sure that I am doing
> things properly?
> I have a KDC (running MIT KRB) on labrador.kerb.uta.edu. I have an
> OpenLDAP 2.2.7 box running on omicron.kerb.uta.edu. I have a realm
> KERB.UTA.EDU. I have a user dn: uid=digant,cn=people,dc=uta,dc=edu.
> An idiot-proof walkthrough would really help and I *KNOW* that's
> lot out of people and I wholely apologize for that. I've done it on
> own and no one can see a problem with the way I did it but it still
> doesn't work. So if someone can give me a step by step on which
> principals to create, what entry to create in the LDAP and what to put
> the slapd.conf (and any other important steps), I promise I will buy
> a pizza!
Have you compiled the test server/client that comes with Cyrus-SASL to
verify that it authenticates correctly via GSSAPI at that level?
See this link:
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html