Hi Zoran, the logs you attached seem to tell that the connection failed. Does ldapsearch with the same conf options and credentials used in krb5.conf actually work ?
Simo. ----- Original Message ----- > Hi, > > I have strange problem with krb5 krb5-server-ldap and FC14. Tried to > resolve it my self, but i'am stuck. Stangest thing is that all of this > work perfectly with fc13 so it's no config issue. I could not find any > major difference in krb5 from fc13 to fc14. Only thing is that libldap > from openldap-clients is compiled with mozilla nss (fc14) instead of > OpenSSL (fc13) but krb5kdc is connected to ldap servers which I > confirmed in ldap server logs, so it should not be TLS related > problem. > > krb5kdc bind for first time and get realm related stuff. But when I > run > kinit it returns "kinit: Generic error (see e-text) while getting > initial credentials". > > Strangest this is that all works perfectly if I manually run krb5kdc > "/usr/sbin/krb5kdc -r ST -P /var/run/krb5kdc.pid" instead of using > initscripts. > > Attached krb5.conf, patch to enhance krb5kdc debugging and log file > created with this patch included. > > This may not be right list but I think that freeipa should have same > bug. Feel free to ask for more debugging or probing new patches. > > Best regards, > Zoran Pericic > > > > > > > _______________________________________________ > Freeipa-devel mailing list > Freeipa-devel@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-devel -- Simo Sorce * Red Hat, Inc. * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel