[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL GSSAPI authentication error -please help

At 02:09 PM 8/19/2004, Turbo Fredriksson wrote:
>Quoting "Mohan" <mohan@roomsnet.com>:
>> I added the following line to slapd.conf
>> rootdn          "uid=ldapadmin,cn=RMSNET.COM,cn=gssapi,cn=auth"
>Remove this (and add ACL/ACI's instead).


>> pdc:~# ldapsearch
>> SASL/GSSAPI authentication started
>> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>>         additional info: SASL(-13): authentication failure: GSSAPI Failure:
>> gss_accept_sec_context
>Try to run 'ldapwhoami'.

Wise to always start with ldapwhoami(8) when toying with IDs.
I suspect it would show the same error as it part of the
authentication exchange.

>You will need a 'sasl-regexp' in your slapd.conf file.

Not so.  Authentication DNs may be used as authorization
DNs, if so desired.

>        uid=(.*),cn=(.*),cn=gssapi,cn=auth
>        ldap:///dc=$2,dc=com??sub?(uid=$1)
>This just from the top of my head...