thr3ads.net - samba - [Samba] Cannot conect LDAP to Kerberos [Oct 2006]

If this information is useful, please help other people find it:
Share via:

Diego Alencar Alves de Lima

2006-Oct-12 02:55 UTC

[Samba] Cannot conect LDAP to Kerberos

I'm trying to set up my ldap directory to use kerberos passwords. I have 
compiled openldap with --with-kpasswd, added the principal 
ldap/iceage.sg.org.br@SG.ORG.BR to kerberos. Also, I have prepared the user 
entries in LDAP with these fields (in addition to other ones):

objectClass: krb5Principal
krb5PrincipalName: diego@SG.ORG.BR
cn: Diego Lima
userPassword: {KERBEROS}diego@SG.ORG.BR


I could contact the server using:
ldapsearch -H ldap://iceage.sg.org.br/ -x -b "" -s base -LLL 
supportedSASLMechanisms

and it returned

dn:
supportedSASLMechanisms: GSSAPI


However when I try to use the kerberos database I get this error:

iceage:/etc/ldap# ldapsearch -H ldap:/// -I -b "" -s base -LLL 
supportedSASLMechanisms
SASL/GSSAPI authentication started
SASL Interaction
Please enter your authorization name: diego
ldap_sasl_interactive_bind_s: Local error (-2)
        additional info: SASL(-1): generic failure: GSSAPI Error: 
Miscellaneous failure (Server not found in Kerberos database)

Any ideas?
Thanks!
-- 
Diego Lima
http://sg.homelinux.com:81
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
Url :
http://lists.samba.org/archive/samba/attachments/20061011/a708bbf8/attachment.bin

Reasonably Related Threads

Search for more possibly parallel threads

samba - Oct 2006 - Cannot conect LDAP to Kerberos

[Samba] Cannot conect LDAP to Kerberos

Reasonably Related Threads

Wisdom of the Ancients