Hi All, I'm having trouble with Kerberos authentication on openldap.
I'm on gentoo running openldap-2.2.28-r4, cyrus-sasl-2.1.21-r2, mit-krb5-1.4.3 and openssl-0.9.7i. When I run ldapsearch -H ldap://water/ -b dc=fluid I get SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context I've looked at the log and it appears that when sasl_bind is called the DN is "". I've removed the saslregex from my slapd.conf just to check it wasn't replacing it with nothing. The keytab is ldap:ldap 640 and the slapd is run as user ldap. The keytab is listed in /etc/conf.d/slapd Does anyone have an idea what would be causing these errors? Thanks for any help and suggestions. Cheers, Alan.
