From owner-freebsd-stable@FreeBSD.ORG Thu Sep 2 11:14:07 2010 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D70C10656B7 for ; Thu, 2 Sep 2010 11:14:07 +0000 (UTC) (envelope-from me@janh.de) Received: from mailhost.uni-hamburg.de (mailhost.uni-hamburg.de [134.100.32.155]) by mx1.freebsd.org (Postfix) with ESMTP id EC6D98FC12 for ; Thu, 2 Sep 2010 11:14:06 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mailhost.uni-hamburg.de (Postfix) with ESMTP id 0AA969035E; Thu, 2 Sep 2010 13:14:06 +0200 (CEST) X-Virus-Scanned: by University of Hamburg (RRZ/mailhost) Received: from mailhost.uni-hamburg.de ([127.0.0.1]) by localhost (mailhost.uni-hamburg.de [127.0.0.1]) (amavisd-new, port 10024) with LMTP id USHizHcPAyP6; Thu, 2 Sep 2010 13:14:05 +0200 (CEST) Received: from nb895.math (g224012120.adsl.alicedsl.de [92.224.12.120]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: fmjv004) by mailhost.uni-hamburg.de (Postfix) with ESMTPSA id C6A459006F; Thu, 2 Sep 2010 13:14:05 +0200 (CEST) Message-ID: <4C7F86F4.6020505@janh.de> Date: Thu, 02 Sep 2010 13:13:56 +0200 From: Jan Henrik Sylvester User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.1.11) Gecko/20100821 Thunderbird/3.0.6 MIME-Version: 1.0 To: stable-list freebsd References: <4C7E803F.1090606@janh.de> <4C7F6167.6070609@FreeBSD.org> In-Reply-To: <4C7F6167.6070609@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: GSSAPI (for OpenLDAP) on FreeBSD 8? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Sep 2010 11:14:07 -0000 On 01/-10/-28163 20:59, Matthias Andree wrote: > Am 01.09.2010 18:33, schrieb Jan Henrik Sylvester: >> I have got problems with GSSAPI authentication to OpenLDAP: >> ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) >> error (80) >> additional info: SASL(-1): generic failure: GSSAPI Error: No >> credentials were supplied, or the credentials were unavailable or >> inaccessible. (unknown mech-code 0 for mech unknown) > > Did you run kinit to obtain tickets? You didn't mention that. Yes, I did, and klist shows the tgt and the ldap ticket -- the latter only after the call. You do get a "Local error" and not "Other" if you have no ticket. (And the ldap ticket is in /etc/krb5.keytab on the ldap server and owner by ldap.) Thanks, Jan Henrik