Your testsaslauthd is trying to use the imap service. If you don't have an imap 
service in your KDC, then of course it will fail.


I saw that, but couldn't figure out how to change the service directly (Nothing in 
saslauthd(8) says anything about service). I'm assuming that "imap" is the 
default when using testsaslauthd. I could get it to change when I try a simple bind, but 
that doesn't change the result, I still get an error, and I do have a ldap service in my 
KDC. I also do have {SASL}jschaef...@harmonywave.com set as my userPassword.

root@baneling:~# ldapsearch -LLL -x -D "uid=jschaeffer,ou=End 
Users,ou=People,dc=harmonywave,dc=com" -W -b ""
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

saslauthd[1479] :do_auth         : auth failure: [user=jschaeffer] 
[service=ldap] [realm=HARMONYWAVE.COM] [mech=kerberos5] [reason=saslauthd 
internal error]

kadmin: listprincs
...
ldap/baneling.harmonywave....@harmonywave.com
...

Thanks,
Joshua Schaeffer

Reply via email to