Date:      Wed, 14 Jun 2017 15:30:32 -0300
From:      Friedrich Locke <friedrich.locke@gmail.com>
To:        freebsd-questions@freebsd.org, openldap-software@openldap.org
Subject:   ldap nightmare
Message-ID:  <594180C8.2040809@gmail.com>

Hi folks,

After trying to get LDAP GSSAPI working, I believe I am getting closer to
the problem.

The way my /etc/hosts file is configured changes the kind of error
response. Please realize I am not using DNS, only the hosts file:

When my /etc/hosts file has this line below:

139.59.138.203		etosha.my.domain etosha

I get this:

sioux@etosha$ ldapwhoami -Y GSSAPI
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
         additional info: SASL(-1): generic failure: GSSAPI Error:  No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown)

The Kerberos ticket to ldap/etosha.my.domain is retrieved normally.

But, when /etc/hosts changes to:

139.59.138.203          etosha etosha.my.domain

Then:

sioux@etosha$ ldapwhoami -Y GSSAPI
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
         additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (see text)known (Server (ldap/etosha@MY.DOMAIN) unknown)

The Kerberos ticket to ldap/etosha.my.domain is not retrieved.



Why am I given these results?
May someone give me advice in this regard?



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?594180C8.2040809>
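
An added example, not part of the original message: it shows how the first name on an /etc/hosts line becomes the canonical host name, and how a principal built as ldap/<canonical name>@REALM differs for the two lines quoted above (the second result matches the ldap/etosha@MY.DOMAIN in the error output). The function names are hypothetical, and the rule that the client builds the principal from the canonical name is an assumption of this sketch.

```python
"""Added illustration: how /etc/hosts field order decides the canonical host
name, and therefore the Kerberos service principal a GSSAPI client asks for."""

# The two /etc/hosts lines quoted in the message above.
HOSTS_FQDN_FIRST = "139.59.138.203\t\tetosha.my.domain etosha\n"
HOSTS_SHORT_FIRST = "139.59.138.203          etosha etosha.my.domain\n"


def parse_hosts(text):
    """Return {address: (canonical_name, [aliases])} per hosts(5):
    the first name after the address is canonical, the rest are aliases."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or malformed line
        addr, canonical, *aliases = fields
        table.setdefault(addr, (canonical, aliases))  # first line for an address wins
    return table


def canonical_name(hosts_text, hostname):
    """Find the first entry that lists hostname (as canonical name or alias)
    and return that entry's canonical name, or None if there is no match."""
    for canonical, aliases in parse_hosts(hosts_text).values():
        if hostname.lower() in [n.lower() for n in (canonical, *aliases)]:
            return canonical
    return None


def service_principal(hosts_text, hostname, service="ldap", realm="MY.DOMAIN"):
    """Assumption of this sketch: the client asks for service/<canonical>@REALM."""
    canon = canonical_name(hosts_text, hostname)
    if canon is None:
        raise LookupError(f"{hostname} not found in hosts data")
    return f"{service}/{canon}@{realm}"


if __name__ == "__main__":
    for label, hosts in (("FQDN first", HOSTS_FQDN_FIRST),
                         ("short name first", HOSTS_SHORT_FIRST)):
        for name in ("etosha", "etosha.my.domain"):
            print(f"{label:17} {name:17} -> {service_principal(hosts, name)}")
```

With the fully qualified name first, both spellings of the host map to ldap/etosha.my.domain@MY.DOMAIN; with the short name first, both map to ldap/etosha@MY.DOMAIN.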