[Date Prev][Date Next]
Re: LDAP, SASL2, and KERBEROS5
Got it to work.
In the end it was ownership of /etc/openldap/ldap.keytab.
-rw------- 1 root root 284 Aug 20
-rw------- 1 ldap root 284 Aug 20
Thanks for pointing out "KRB5_KTNAME". Works like a dream.
I had other problems with my /etc/init.d/ldap but in the
end you're right. It's to do with keytab info not being
made available to Kerberos.
Jose Gonzalez Gomez wrote:
You are able to kinit correctly, and it seems the only failing
stuff is the LDAP authentication. This, combined with the error you
posted, makes me think you must have indicated OpenLDAP a location
where it cannot find its keytab. How are you telling OpenLDAP where to
fins its keytab? Do you have a KRB5_KTNAME environmente variable
defined? Where does it point?
O Plameras wrote:
Initially, I have my keytab in /etc/openldap/ldap.keytab.
Then, I deleted it and have it in /etc/krb5.keytab.
I still get the same problem.