[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with nss-ldap using GSSAPI

To: openldap-technical@openldap.org
Subject: Problem with nss-ldap using GSSAPI
From: Wojtek Polcwiartek <polcwiartek@tubit.tu-berlin.de>
Date: Wed, 30 Dec 2009 12:32:32 +0100
User-agent: Thunderbird 2.0.0.23 (X11/20090817)

Hello,

we use ldap as name source in our system (libnss-ldap).
Until now we used anonymous bind with LDAP and it worked fine.

Now we want to switch to GSSAPI (MIT Krb5), but getting names ('getentpasswd <name>') does not work: no result is returned/printed.Strange is that, when we run the query in debug-mode (debug 7 in/etc/ldap.conf), you can see the correct result in the debug part (in"hexes") but at the end no result is printed .

The only error message we could see is:
res_errno: 14, res_error: <SASL(0): successful result: >, res_matched: <>

Querying LDAP with ldapsearch still works fine.

Do You have any idea how to get closer to the source of the problem?

We use Ubuntu Karmic as client (repo package) and Solaris10 (withOpenLdap 2.4.16) as server.


Greetings!

--
Wojtek Polcwiartek

------
tubIT
TU-Berlin
Web   : www.tubit.tu-berlin.de
Email : tubit@tu-berlin.de
Tel   : +49.30.314.28000

Prev by Date: Clients can't authenticate via consumer server
Next by Date: Re: changing rootdn password
Index(es):
- Chronological
- Thread