KDC 1.15 startup error: Invalid credentials - while initializing database
Pallissard, Matthew
krb at pallissard.net
Thu Apr 13 23:35:01 EDT 2017
Is it slapd reading its key tab incorrectly or is the hostname being derived incorrectly. Is this a host file issue?
Matt Pallissard
-------- Original Message --------
From: Jaap Winius <jwinius at umrk.nl>
Sent: Thu Apr 13 18:20:33 CDT 2017
To: Jaap Winius <jwinius at umrk.nl>
Cc: "Pallissard, Matthew" <krb at pallissard.net>, kerberos at mit.edu
Subject: Re: KDC 1.15 startup error: Invalid credentials - while initializing database
Quoting Jaap Winius <jwinius at umrk.nl>:
> slapd[560]: GSSAPI Error: Unspecified GSS failure. \
> Minor code may provide more information \
> (Server ldap/localhost at EXAMPLE.COM not found in Kerberos database)
Invalid credentials? It's because of this. Slapd should discover its
identity by reading its keytab, the location for which can be found in
the value for KRB5_KTNAME (set in /etc/default/slapd), but that's not
happening. This is starting to look like a bug, perhaps in
libsasl2-modules-gssapi-mit.
Cheers,
Jaap
More information about the Kerberos
mailing list