SASL problems

David "3oz" Sonenberg pip_prime at yahoo.com
Wed Dec 22 10:24:06 EST 2004


I'm trying to get LDAP, SASL and KRB5 to work together.
On the LDAP machine I have openldap 2.2.17, sasl 2.1.12, and heimdal 0.6.
My KDC is running MIT krb5 1.3.5. I'm getting the following error (names
have been changed for privacy):

lt-sample-server: SASL Other: GSSAPI Error: Miscellaneous failure (see text) (failed to find host/ldap.myrealm.com@MYREALM.COM(kvno 3) in keytab FILE:/etc/kerberos/krb5.keytab)

I used the following commands to create the keytabs:

kadmin.local -q 'addprinc -randkey -e "des-cbc-crc:normal" host/ldap.myrealm.com'
kadmin.local -q 'addprinc -randkey -e "des-cbc-crc:normal" ldap/ldap.myrealm.com'
kadmin.local -q 'addprinc -randkey -e "des-cbc-crc:normal" Manager'
kadmin.local -q 'ktadd -k /tmp/ldap.keytab -e "des-cbc-crc:normal" host/ldap.myrealm.com'
kadmin.local -q 'ktadd -k /tmp/ldap.keytab -e "des-cbc-crc:normal" ldap/ldap.myrealm.com'
kadmin.local -q 'ktadd -k /tmp/Manager.keytab "des-cbc-crc:normal" Manager'

scp /tmp/ldap.keytab ldap.myrealm.com:/etc/krb5/krb5.keytab
scp /tmp/Manager.keytab ldap.myrealm.com:/etc/openldap

Any help would be much appreciated.
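
A check one could run for the error quoted above, as an added example that is not part of the original post: it parses the principal, kvno and keytab path out of the GSSAPI message and compares them with where the keytab was copied and what that keytab lists. The function names and the LISTING contents are constructed for illustration, and the listing format assumes `klist -k` style rows.

```shell
#!/bin/sh
# Added example (not from the original post): triage for the GSSAPI error
# "failed to find <principal>(kvno N) in keytab FILE:<path>".

# Echo "principal kvno path" from the error text. The text may be line-wrapped,
# and mailing-list archives render "@" as " at ".
parse_keytab_error() {
    printf '%s\n' "$1" | paste -s -d ' ' - | sed -n -e 's/  */ /g' -e 's/ at /@/' \
        -e 's/.*failed to find \([^ (]*\) *(kvno \([0-9][0-9]*\)) in keytab FILE:\([^ )]*\)).*/\1 \2 \3/p'
}

# Echo the kvnos a keytab listing holds for principal $1. Assumes rows with the
# kvno first and the principal last, as printed by `klist -k`.
keytab_kvnos() {
    printf '%s\n' "$2" | awk -v p="$1" '$1 ~ /^[0-9]+$/ && $NF == p { print $1 }'
}

# Args: error text, path the keytab was installed to, listing of that keytab.
# Echoes a one-line verdict; returns 0 only when path, principal and kvno agree.
check_keytab() {
    parsed=$(parse_keytab_error "$1")
    [ -n "$parsed" ] || { echo "unparsed"; return 2; }
    princ=${parsed%% *}; rest=${parsed#* }
    kvno=${rest%% *}; path=${rest#* }
    if [ "$path" != "$2" ]; then
        echo "path-mismatch: server reads $path, keytab installed at $2"; return 1
    fi
    have=$(keytab_kvnos "$princ" "$3")
    [ -n "$have" ] || { echo "principal-missing: $princ"; return 1; }
    printf '%s\n' "$have" | grep -qx -- "$kvno" ||
        { echo "kvno-mismatch: want $kvno, keytab has $(echo $have)"; return 1; }
    echo "ok"
}

# Error text and scp destination as posted; LISTING is constructed sample data.
ERR='lt-sample-server: SASL Other: GSSAPI Error:
Miscellaneous failure (see text) (failed to find
host/ldap.myrealm.com at MYREALM.COM(kvno 3) in keytab
FILE:/etc/kerberos/krb5.keytab)'
INSTALLED=/etc/krb5/krb5.keytab
LISTING='KVNO Principal
---- ---------------------------------
   2 host/ldap.myrealm.com@MYREALM.COM
   2 ldap/ldap.myrealm.com@MYREALM.COM'

check_keytab "$ERR" "$INSTALLED" "$LISTING" || true
check_keytab "$ERR" /etc/kerberos/krb5.keytab "$LISTING" || true
```

On a real host, pass the output of `klist -k` on the server's keytab as the third argument in place of LISTING.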


		