[Date Prev][Date Next]
Re: No ProxyAuthz with SASL-GSSAPI?
Quoting Jaap Winius <email@example.com>:
adding new entry "cn=ccolumbus,ou=groups,dc=example,dc=com"
ldap_add: Strong(er) authentication required (8)
There must be something else going on...
Following my own instructions for the simple bind configuration, I
reinstalled both the provider and the consumer, after which proxy
authorization worked as though there had never been a problem. Here's
what I did:
One important thing that I noticed in the syslog previously, when the
test modification was made from the consumer server, the consumer was
not binding properly to the provider. IIRC I was seeing this in the
syslog on the provider:
slapd: conn=1018 op=0 BIND dn="" method=128
Now it works and I'm seeing:
slapd: conn=1018 op=0 BIND dn="cn=ldaps2,dc=example,dc=com" method=128
This is now followed by a PROXYAUTHZ log entry, which did not appear
before. I would not be at all surprised that if next I reinstall my
SASL-GSSAPI test system, it will simply work.
Any idea what might cause a consumer, in a previously functioning
system, to suddenly stop binding properly to its provider?