[Date Prev][Date Next]
Re: problem with SASL authentication and Kerberos
--On Thursday, April 08, 2004 1:33 PM -0400 Jeffrey Layton
On Wed, 2004-04-07 at 13:39, Jeffrey Layton wrote:
I have a rather odd situation with OpenLDAP, GSSAPI, and SASL. I
recently changed my Kerberos KDC from MIT kerberos to Heimdal, and at
the same time, changed my Kerberos realm name. Prior to this I had
everything working fine.
With a hint, I figured out the problem. I had changed everything over
except for the reverse lookups in my DNS domain. Those still pointed
to the old domain. When I fixed that, the krbtgt request problem was
fixed. Moral of this story: DNS matters when dealing with
Yes, if you read the K5 RFC, you will understand why that is. ;) I read it
over when helping Digant with his GSSAPI issues, and it explains a lot...
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html