[Date Prev][Date Next] [Chronological] [Thread] [Top]


--On Thursday, February 02, 2006 4:49 PM -0500 Chip Burke <cburke@innova-partners.com> wrote:

Just for testing purposes I set the permissions on ldap.keytab to 777 and
no luck.

As for a ticket, I do have a ticket. Klist has
ldap/Athens.innova.local@INNOVA.LOCAL listed...
ldap/Athens.innova.local@INNOVA.LOCAL being my principle and the ticket
time period is right.

This shouldn't be your ticket, this should be the principal in the keytab that the ldap sever has access to...

For example:

tribes:~> klist Ticket cache: FILE:/tmp/krb5cc_54046_kYS222 Default principal: quanah@stanford.edu

Valid starting Expires Service principal
02/02/06 12:05:56 02/02/06 19:55:51 ldap/ldap9.stanford.edu@stanford.edu
02/02/06 13:44:05 02/02/06 19:55:51 ldap/ldap-dev0.stanford.edu@stanford.edu
02/02/06 13:48:38 02/02/06 19:55:51 ldap/ldap-dev1.stanford.edu@stanford.edu

As you can see, my ticket is for "quanah@stanford.edu" and I've accessed the ldap-dev0, ldap-dev1, and ldap9 LDAP servers @ Stanford.


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html