On 11/06/11 10:54 -0700, Richard A Nelson wrote:
$ ldapwhoami SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context$ ldapwhoami SASL/GSSAPI authentication started SASL username: cowboy@<REALM> SASL SSF: 56 SASL data security layer installed. dn:uid=cowboy,ou=users,dc=... $ ldapwhoami SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80) additional info: SASL(-1): generic failure: GSSAPI Error: No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown)
Do you have libsasl2-modules-gssapi-mit or libsasl2-modules-gssapi-heimdal installed, and what version? Is your slapd running on a separate host? If so, is it using the same version of libsasl2-modules-gssapi-*? Do you see anything useful in your /var/log/auth.log on the server or client? What kerberos server are you using, and do you see anything in it's syslog output? Would you mind sharing an anonymized copy of your /etc/ldap.conf and ~/.ldaprc? -- Dan White -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
