> -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Markus Moeller > Sent: Tuesday, March 24, 2009 7:26 AM > To: [email protected] > Subject: Re: SASL authentication > > Can you get a network capture with wireshark on your 2003 > server of all traffic from your client when you do the following > > On the client: > kinit [email protected] > ldapsearch -Y GSSAPI -H 'ldap://sesswin2003.sesswin2003.com' > -b 'dc=sesswin2003,dc=com' -s sub -LLL '(cn=qxu)' mail > > Make sure that sesswin2003.sesswin2003.com resolves to the > correct ip or is in your hosts file.
Just as you guess, Markus, there is no network traffic arriving at the LDAP server when I run ldapsearch command. In contrast, when I run kinit command, ethereal can help me capture Kerberos packets. So it seems the FQDN "sesswin2003.sesswin2003.com" cannot be resolved. Shall I do something to the file "/etc/hosts"? Could you give me some suggestion on how to resolve this name? Please note that the client (where kinit and ldapsearch are run) is not in the domain "sesswin2003.com". Thanks, Xu Qiang ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
