Followup: I'm still seeing the "message stream modified" error on Linux. I turned on debugging in the ldap.conf file to get some more details. I ran "getent passwd", which attempts a SASL/GSSAPI bind to Active Directory. Looking through the verbose messages on the screen, everything looks OK except for one thing:
Unable to chase referral "ldap://ForestDnsZones.example.com/DC=ForestDnsZones,DC=example,DC=com"; (Local error) I've tried starting over and creating new Kerberos key tables, and I've tried recompiling the PADL nss_ldap software (though I don't think it's an LDAP issue - simple binds work great). FYI - I got this working correctly with Solaris 9, so I'm pretty sure the problem is not my domain controllers (but I could be wrong). Thanks, Kevin -- View this message in context: http://www.nabble.com/Kerberos-SASL-LDAP-Windows---Message-Stream-Modified-tf2375631.html#a6797937 Sent from the Kerberos - General mailing list archive at Nabble.com. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
