Public bug reported:
In jammy:
root@j1:~# saslpluginviewer | head | grep SPNEGO
root@j1:~#
Confirming against a windows 2016 active directory server, fully patched:
root@j1:~# ldapwhoami -Y GSS-SPNEGO
ldap_sasl_interactive_bind: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: No worthy mechs found
gssapi (kerberos) works:
root@j1:~# ldapwhoami -Y GSSAPI
SASL/GSSAPI authentication started
SASL username: [email protected]
SASL SSF: 256
SASL data security layer installed.
u:INTEXAMPLE\Administrator
root@j1:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]
Valid starting Expires Service principal
01/08/22 22:31:48 01/09/22 08:31:48
krbtgt/[email protected]
renew until 01/09/22 22:31:45
01/08/22 22:34:53 01/09/22 08:31:48
ldap/win-kriet1e5elo.internal.example.fake@
renew until 01/09/22 22:31:45
Ticket server:
ldap/[email protected]
In focal, GSS-SPNEGO works:
root@f1:~# saslpluginviewer | head | grep SPNEGO
GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSSAPI GSS-SPNEGO DIGEST-MD5
EXTERNAL NTLM CRAM-MD5 PLAIN LOGIN ANONYMOUS
GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSSAPI GSS-SPNEGO DIGEST-MD5
NTLM CRAM-MD5 PLAIN LOGIN ANONYMOUS
Confirming with ldapwhoami:
root@f1:~# ldapwhoami -Y GSS-SPNEGO
SASL/GSS-SPNEGO authentication started
SASL username: [email protected]
SASL SSF: 256
SASL data security layer installed.
u:INTEXAMPLE\Administrator
** Affects: cyrus-sasl2 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu.
https://bugs.launchpad.net/bugs/1956833
Title:
No GSS-SPNEGO support in jammy
Status in cyrus-sasl2 package in Ubuntu:
New
Bug description:
In jammy:
root@j1:~# saslpluginviewer | head | grep SPNEGO
root@j1:~#
Confirming against a windows 2016 active directory server, fully patched:
root@j1:~# ldapwhoami -Y GSS-SPNEGO
ldap_sasl_interactive_bind: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: No worthy mechs
found
gssapi (kerberos) works:
root@j1:~# ldapwhoami -Y GSSAPI
SASL/GSSAPI authentication started
SASL username: [email protected]
SASL SSF: 256
SASL data security layer installed.
u:INTEXAMPLE\Administrator
root@j1:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]
Valid starting Expires Service principal
01/08/22 22:31:48 01/09/22 08:31:48
krbtgt/[email protected]
renew until 01/09/22 22:31:45
01/08/22 22:34:53 01/09/22 08:31:48
ldap/win-kriet1e5elo.internal.example.fake@
renew until 01/09/22 22:31:45
Ticket server:
ldap/[email protected]
In focal, GSS-SPNEGO works:
root@f1:~# saslpluginviewer | head | grep SPNEGO
GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSSAPI GSS-SPNEGO DIGEST-MD5
EXTERNAL NTLM CRAM-MD5 PLAIN LOGIN ANONYMOUS
GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSSAPI GSS-SPNEGO DIGEST-MD5
NTLM CRAM-MD5 PLAIN LOGIN ANONYMOUS
Confirming with ldapwhoami:
root@f1:~# ldapwhoami -Y GSS-SPNEGO
SASL/GSS-SPNEGO authentication started
SASL username: [email protected]
SASL SSF: 256
SASL data security layer installed.
u:INTEXAMPLE\Administrator
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1956833/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
