Kerberos, SASL issues
Daniel B. Thurman
dant at cdkkt.com
Thu Nov 17 23:48:19 UTC 2005
Hi Folks,
I have gotten LDAP with basic authenication and with SSL/TLS
working. I am trying to get kerberos working as well.
I am trying to figure out why SASL is not working and here is
the debug output of several commands have have a common
issue:
================================================
ldapsearch $dbg -H ldap://ldap.cdkkt.com/ -b dc=cdkkt,dc=com
ldapwhoami
================================================
[long unlreaded output, snipped out...]
.
ldap_sasl_interactive_bind_s: server supports: GSSAPI
ldap_int_sasl_bind: GSSAPI
ldap_int_sasl_open: host=205.cdkkt.218.99.216.in-addr.arpa
SASL/GSSAPI authentication started
ldap_perror
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous
failure (Server not found in Kerberos database)
Can anyone shed some light on this? I cannot seem to figure out what
exactly I am missing in my configuration. I am using the kerberos.cdkkt.com
host name and added that in as a principal but apparently this does not
work.
Note: I *think* it might be a reverse-dns issue but I am not really
sure. If this is the case then perhaps what was returned on a
reverse-dns might need to be added as a host principal. Beats me.
I am working with my ISP to at least resolve the the reverse-dns
anyway even if this might not be the real issue here.
Any suggestions would be appreciated!
Thanks,
Dan
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.3/173 - Release Date: 11/16/2005
More information about the users
mailing list