[Date Prev][Date Next] [Chronological] [Thread] [Top]


Hi Jose,

Got it to work.

In the end it was ownership of /etc/openldap/ldap.keytab.
-rw------- 1 root root 284 Aug 20 09:54 ldap.keytab

Changed to
-rw------- 1 ldap root 284 Aug 20 09:54 ldap.keytab

Thanks for pointing out "KRB5_KTNAME". Works like a dream.

I had other problems with my /etc/init.d/ldap but in the
end you're right. It's to do with keytab info not being
made available to Kerberos.

Thanks again.

Jose Gonzalez Gomez wrote:

You are able to kinit correctly, and it seems the only failing stuff is the LDAP authentication. This, combined with the error you posted, makes me think you must have indicated OpenLDAP a location where it cannot find its keytab. How are you telling OpenLDAP where to fins its keytab? Do you have a KRB5_KTNAME environmente variable defined? Where does it point?

   Best regards

O Plameras wrote:

Initially, I have my keytab in /etc/openldap/ldap.keytab. Then, I deleted it and have it in /etc/krb5.keytab.

I still get the same problem.