[Date Prev][Date Next]
Re: SASL/GSSAPI: ldap_sasl_interactive_bind_s: Local error (-2)
On Sun, Dec 14, 2008 at 11:31 AM, Michael StrÃder <firstname.lastname@example.org> wrote:
Did you obtain a TGT before? What's the output of command klist?
I did obtain a TGT with kinit:
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: cameron@LOCAL
Valid starting Expires Service principal
12/14/08 00:40:14 12/14/08 10:40:14 krbtgt/LOCAL@LOCAL
renew until 12/15/08 00:40:12
There is an entry for ldap/ldap.local@LOCAL in /etc/krb5.keytab, and openldap has permission to
read it, but it isn't giving me a ticket when I connect as various articles on the internet implied it should. Additionally,
strace-ing ldap didn't show it opening or reading the keytab (if it should), nor doing anything else SASL
related other than loading the libraries.