https://bugs.openldap.org/show_bug.cgi?id=9547

          Issue ID: 9547
           Summary: OpenLDAP does not send port as SPN when authenticating
                    SASL GSSAPI
           Product: OpenLDAP
           Version: 2.4.44
          Hardware: x86_64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: ---
         Component: libraries
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

When trying to authenticate to an ADLDS server using Kerberos and an MIT ccache,
OpenLDAP only passes the hostname to the SASL mechanism, causing a mismatch
between the SPN in the client "ldap/adlds.my.domain" and the one registered in
AD "ldap/adlds.my.domain:50000".
Is there a way of forcing OpenLDAP to pass the port as part of the SASL
request? Or is there a part of the OpenLDAP -> Cyrus-SASL -> MIT KRB5 chain
where this can be enabled?
