From owner-freebsd-questions@FreeBSD.ORG Wed Aug 25 16:20:55 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 425F4106566B for ; Wed, 25 Aug 2010 16:20:55 +0000 (UTC) (envelope-from elon@emmi.physik-pool.tu-berlin.de) Received: from emmi.physik-pool.tu-berlin.de (emmi.physik-pool.tu-berlin.de [130.149.58.146]) by mx1.freebsd.org (Postfix) with ESMTP id CCDAC8FC1E for ; Wed, 25 Aug 2010 16:20:54 +0000 (UTC) Received: from emmi.physik-pool.tu-berlin.de (localhost.physik-pool.tu-berlin.de [127.0.0.1]) by emmi.physik-pool.tu-berlin.de (8.14.4/8.14.4) with ESMTP id o7PG44he000636 for ; Wed, 25 Aug 2010 18:04:04 +0200 (CEST) (envelope-from elon@emmi.physik-pool.tu-berlin.de) Received: (from elon@localhost) by emmi.physik-pool.tu-berlin.de (8.14.4/8.14.4/Submit) id o7PG44OQ000635 for freebsd-questions@freebsd.org; Wed, 25 Aug 2010 18:04:04 +0200 (CEST) (envelope-from elon) Date: Wed, 25 Aug 2010 18:04:04 +0200 From: Leon =?iso-8859-15?Q?Me=DFner?= To: freebsd-questions@freebsd.org Message-ID: <20100825160404.GF3762@emmi.physik-pool.tu-berlin.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-14) Subject: openldap-sasl fails after 8.1 upgrade X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Aug 2010 16:20:55 -0000 Hi, after binary upgrading to freebsd8.1 from 7.2 i encounter an error with openldap24, cyrus-sasl2 and kerberos: # ldapsearch uid=whatever SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80) additional info: SASL(-1): generic failure: GSSAPI Error: No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown) Simple binding to the ldap server does work. The KDC behind this is still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported Problems with such a setup, but as i can login through ssh and kerberos i suppose these [1] don't apply here (also already tested the proposed changes). If anybody got any insight please share. Thanks in Advance, Leon [1] http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052217.html