[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: GSSAPI Error

To: cburke@innova-partners.com, OpenLDAP-software@OpenLDAP.org
Subject: RE: GSSAPI Error
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Thu, 02 Feb 2006 14:21:28 -0800
Content-disposition: inline
In-reply-to: <005301c62842$95a92280$1f0fa8c0@innova.local>
References: <005301c62842$95a92280$1f0fa8c0@innova.local>

--On Thursday, February 02, 2006 4:49 PM -0500 Chip Burke <cburke@innova-partners.com> wrote:

Just for testing purposes I set the permissions on ldap.keytab to 777 and
no luck.

As for a ticket, I do have a ticket. Klist has
ldap/Athens.innova.local@INNOVA.LOCAL listed...
ldap/Athens.innova.local@INNOVA.LOCAL being my principle and the ticket
time period is right.

This shouldn't be your ticket, this should be the principal in the keytab that the ldap sever has access to...

For example:


tribes:~> klist
Ticket cache: FILE:/tmp/krb5cc_54046_kYS222
Default principal: quanah@stanford.edu

Valid starting Expires Service principal 02/02/06 12:05:56 02/02/06 19:55:51 ldap/ldap9.stanford.edu@stanford.edu 02/02/06 13:44:05 02/02/06 19:55:51 ldap/ldap-dev0.stanford.edu@stanford.edu 02/02/06 13:48:38 02/02/06 19:55:51 ldap/ldap-dev1.stanford.edu@stanford.edu

As you can see, my ticket is for "quanah@stanford.edu" and I've accessed the ldap-dev0, ldap-dev1, and ldap9 LDAP servers @ Stanford.


--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Follow-Ups:
- RE: GSSAPI Error
  - From: "Chip Burke" <cburke@innova-partners.com>

References:
- RE: GSSAPI Error
  - From: "Chip Burke" <cburke@innova-partners.com>

Prev by Date: RE: GSSAPI Error
Next by Date: Replication oddity in 2.3.19
Index(es):
- Chronological
- Thread