LDAP with Kerberos authentification
Hi there
I have a problem with slapd using Kerberos V (GSSAPI) authentification
on Debian 3.1 Sarge. The Kerberos configuration seems to be ok since
cyrus imap daemon uses it without any problems.
I also added the appropriate principals to my Kerberos database and to
the krb5.keytab file:
ldap/hubbard.hlphys.uni-linz.ac.at@HLPHYS.UNI-LINZ.AC.AT
ldap/localhost@HLPHYS.UNI-LINZ.AC.AT
After getting my TGT with
> kinit admin
I tried a simple
> ldapwhoami -h hubbard.hlphys.uni-linz.ac.at
and got the following error message
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No principal in keytab matches desired name)
I got a similar error with cyrus imapd before I changed the "servername" variable in imapd.conf to the
hostname.
Has anyone an idea what I'm doing wrong?
thanks
Eugen
--
Eugen Wintersberger <eugen.wintersberger@gmx.net>
Reply to: