the logs you attached seem to tell that the connection failed.
Does ldapsearch with the same conf options and credentials used in krb5.conf
actually work ?
----- Original Message -----
> I have strange problem with krb5 krb5-server-ldap and FC14. Tried to
> resolve it my self, but i'am stuck. Stangest thing is that all of this
> work perfectly with fc13 so it's no config issue. I could not find any
> major difference in krb5 from fc13 to fc14. Only thing is that libldap
> from openldap-clients is compiled with mozilla nss (fc14) instead of
> OpenSSL (fc13) but krb5kdc is connected to ldap servers which I
> confirmed in ldap server logs, so it should not be TLS related
> krb5kdc bind for first time and get realm related stuff. But when I
> kinit it returns "kinit: Generic error (see e-text) while getting
> initial credentials".
> Strangest this is that all works perfectly if I manually run krb5kdc
> "/usr/sbin/krb5kdc -r ST -P /var/run/krb5kdc.pid" instead of using
> Attached krb5.conf, patch to enhance krb5kdc debugging and log file
> created with this patch included.
> This may not be right list but I think that freeipa should have same
> bug. Feel free to ask for more debugging or probing new patches.
> Best regards,
> Zoran Pericic
> Freeipa-devel mailing list
Simo Sorce * Red Hat, Inc. * New York
Freeipa-devel mailing list