coady wrote:
Both the LDAP cient and Kerboros server are running Solaris 8. Sun Directory server 5.2.
bash-2.03# klist -ef Ticket cache: FILE:/tmp/krb5cc_0 Default principal: testadmin/[EMAIL PROTECTED]
Valid starting Expires Service principal
02/14/05 09:30:57 02/14/05 19:30:57 krbtgt/[EMAIL PROTECTED]
renew until 02/14/05 09:30:57, Flags: RI
Etype (skey, tkt): Triple DES cbc mode with HMAC/sha1, Triple DES cbc mode with HMAC/sha1
OK, this means you are using the MIT Kerberos and not the Solaris SEAM packages (Solaris 8 SEAM does not recognized 3DES).
However, your "ldapsearch" command is trying to use the Solaris GSSAPI implementation and will not work with MIT.
If you want to stick with MIT, then you will also need to find LDAP and SASL tools that work with MIT and not with the native Solaris GSSAPI library or figure out if the SunDS ldap tools can be configured to use the MIT GSSAPI library instead of native Solaris.
-Wyllys
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
