Kashif Ali Siddiqui wrote: > Nope. Same error occurs when I do > > ldapsearch -LLL -h <ip-address> -b <base-dn> -Y GSSAPI -X "dn:<dn-to- > user>" "objectclass=user" + > > Returns > ----------------------------------- > SASL/GSSAPI authentication started > ldap_sasl_interactive_bind_s: Invalid credentials > additional info: 8009030B: LdapErr: DSID-0C09043E, comment: > AcceptSecurityContext error, data 7a, vece > ----------------------------------- > > I think there is something missing in my configuration.
I'd check again whether the service principal name in the service ticket (displayed with klist) is available in AD (attribute servicePrincipalName in the DCs AD entry) and whether the DNS RRs are all correct for the host name in the service principal name and reverse lookup. Ciao, Michael. _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
