The principal for an ldap server is ldap/hostname at realmofhost(hostname). I.E. if your server is ldap.example.com and that host lives in the EXAMPLE.COM realm then your ldap principal is ldap/foo.example.com at EXAMPLE.COM. Good luck with the more verbose errors. I tend to use strace and ltrace for debugging info. --Sam