LDAP with Kerberos authentification

To: debian-user@lists.debian.org
Subject: LDAP with Kerberos authentification
From: Eugen Wintersberger <eugen.wintersberger@jku.at>
Date: Thu, 30 Jun 2005 12:09:44 +0200
Message-id: <[🔎] 1120126184.7028.54.camel@hubbard>

Hi there
 I have a problem with slapd using Kerberos V (GSSAPI) authentification
on Debian 3.1 Sarge. The Kerberos configuration seems to be ok since
cyrus imap daemon uses it without any problems. 

I also added the appropriate principals to my Kerberos database and to
the krb5.keytab file:

 ldap/hubbard.hlphys.uni-linz.ac.at@HLPHYS.UNI-LINZ.AC.AT
 ldap/localhost@HLPHYS.UNI-LINZ.AC.AT

After getting my TGT with 

 > kinit admin

I tried a simple

 > ldapwhoami -h hubbard.hlphys.uni-linz.ac.at

and got the following error message

SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
        additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No principal in keytab matches desired name)

I got a similar error with cyrus imapd before I changed the "servername" variable in imapd.conf to the 
hostname. 
Has anyone an idea what I'm doing wrong?

thanks 

  Eugen


-- 
Eugen Wintersberger <eugen.wintersberger@gmx.net>

Reply to:

Follow-Ups:
- Re: LDAP with Kerberos authentification
  - From: Ryan Schultz <schultz.ryan@gmail.com>

Prev by Date: Firefox permission problem?
Next by Date: RE: Help with broken Aptitude
Previous by thread: Solved: Firefox permission problem?
Next by thread: Re: LDAP with Kerberos authentification
Index(es):
- Date
- Thread