Re: [lsc-users] Synchronization error Openldap/AD GSSAPI

Wed, 25 Jan 2017 07:10:07 -0800 

The configuration of my xml file is :

<?xml version="1.0" ?>
<!--
        In the following file, comments are describing each node. Elements are
        referenced through XPath expression, whereas attributes are prefixed 
with
        '@'

        //lsc Root node of the XML configuration file
        @xmlns XML Schema validation is not ready yet (Reserved for futur use)
        @id optional, added by XML API
        @revision mandatory, used by the Web Administration Interface to version
                                this file
         -->
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0">

  <connections>

    <!-- annuaire : compte lecture seule (ro) -->
    <ldapConnection>
      <name>ldap-ro</name>
      <url>ldap://annuaire-ieg.domain.fr:389/dc=domain,dc=fr</url>
      <username>[email protected]</username>
      <password>my_passwd</password>
      <authentication>GSSAPI</authentication>
      <referral>IGNORE</referral>
      <derefAliases>NEVER</derefAliases>
      <version>VERSION_3</version>
      <pageSize>1000</pageSize>
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      <tlsActivated>false</tlsActivated>
    </ldapConnection>


And the /etc/krb5.conf contain:
[libdefaults]
 default_realm = DOMAIN.FR
        ticket_lifetime = 36000
        renew_lifetime = 604800
        clockskew = 300
    default_keytab_name = FILE:/etc/krb5.keytab

...
        default_tgs_enctypes = aes128-cts
        default_tkt_enctypes = aes128-cts
        permitted_enctypes = aes128-cts
...
[realms]
        DOMAIN.FR = {
  kdc = annuaire-ieg. domain.fr:88
        master_kdc = annuaire-ieg. domain.fr:88
  admin_server = annuaire-ieg. domain.fr:88
        default_domain = domain.fr:88
        }

[domain_realm]
        .domain.fr = DOMAIN.FR
        domain.fr = DOMAIN.FR

_______________________________________________________________________
Ghislain BRISARD
Division Aérospatiale et Défense
Capgemini | Rennes
Tel.: +33 (0)2 99 28 07 70
www.capgemini.com
 
Rennes Atalante Champs Blancs
7, rue Claude Chappe, CS 67746
35577 Cesson Sévigné cedex - France
People matter, results count.
_______________________________________________________________________
 
 


De : [email protected] 
[mailto:[email protected]] De la part de Bart Coninckx
Envoyé : mercredi 25 janvier 2017 15:56
À : [email protected]
Objet : Re: [lsc-users] Synchronization error Openldap/AD GSSAPI

I think people on the list can better help you if you add your XML file. 
Do not forget to hide your password info though,
 
Met Vriendelijke Groet,
Kind Regards,
Salutations,
 
 
Bart Coninckx
Bits 'n Tricks BVBA
 
Hoge Mierdse Heide 182
2360 Oud-Turnhout
tel. +32 14 480 820
gsm +32 478 88 33 08
[email protected]
http://www.bitsandtricks.com
BTW: BE0817.401.875
Crelan BE46 8601 0806 3436
Voor onze Algemene Voorwaarden, zie: 
http://www.bitsandtricks.com/index.php/contact/algemene-voorwaarden
 

 
-----Original message-----
From: Brisard, Ghislain <[email protected]>
Sent: Wed 25-01-2017 15:53
Subject: [lsc-users] Synchronization error Openldap/AD GSSAPI
To: [email protected]; 
Hello,
 
I am trying to synchronize an openldap from an AD. I use LSC with GSSAPI.
I configure by following the howto described by Francesco Malvezzi in the list 
 http://lists.lsc-project.org/pipermail/lsc-users/2013-December/001687.html
 
When I want to synchronize i have the following message:
 
 
janv. 25 15:05:33 - ERROR - Error opening the LDAP connection to the 
destination! (java.lang.RuntimeException: Multiple Kerberos connections not 
supported (existing value: /etc/lsc/ieg/krb5.ini). Need to set another LSC 
instance or unset system property !)
janv. 25 15:05:33 - ERROR - org.lsc.exception.LscConfigurationException: 
Configuration exception: java.lang.RuntimeException: Multiple Kerberos 
connections not supported (existing value: /etc/lsc/ieg/krb5.ini). Need to set 
another LSC instance or unset system property !
 
 
_______________________________________________________________________
Ghislain BRISARD
Division Aérospatiale et Défense
Capgemini | Rennes
Tel.: +33 (0)2 99 28 07 70
www.capgemini.com
 
Rennes Atalante Champs Blancs
7, rue Claude Chappe, CS 67746
35577 Cesson Sévigné cedex - France
People matter, results count.
_______________________________________________________________________
 
 
 
 
 
 
This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient, you are not authorized 
to read, print, retain, copy, disseminate, distribute, or use this message or 
any part thereof. If you receive this message in error, please notify the 
sender immediately and delete all copies of this message.

_______________________________________________________________
 Ldap Synchronization Connector (LSC) - http://lsc-project.org
 
 lsc-users mailing list
 [email protected]
 http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to