Date: Wed, 25 Aug 2010 22:34:27 +0300 From: "Reko Turja" <reko.turja@liukuma.net> To: =?iso-8859-1?Q?LeonMe=DFner?= <l.messner@physik.tu-berlin.de>, <freebsd-questions@freebsd.org> Subject: Re: openldap-sasl fails after 8.1 upgrade Message-ID: <1DA6D3678D2745999DA4F00266376495@rivendell> In-Reply-To: <20100825160404.GF3762@emmi.physik-pool.tu-berlin.de> References: <20100825160404.GF3762@emmi.physik-pool.tu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Sadly the GSSAPI/Kerberos has been broken in 8.x for a good while now. You can either install the heimdal or MIT port, although getting that to work in stead of the base can be messy. kern/147454 PR actually has a working fix, although I'm not sure if it applies cleanly as it's pretty big - I managed to get working GSSAPI with it on 8.1 PRERELEASE. See also discussion at http://lists.freebsd.org/pipermail/freebsd-stable/2010-July/057734.html -Reko -------------------------------------------------- From: "LeonMeßner" <l.messner@physik.tu-berlin.de> Sent: Wednesday, August 25, 2010 7:04 PM To: <freebsd-questions@freebsd.org> Subject: openldap-sasl fails after 8.1 upgrade > Hi, > > after binary upgrading to freebsd8.1 from 7.2 i encounter an error > with openldap24, cyrus-sasl2 and kerberos: > > # ldapsearch uid=whatever > SASL/GSSAPI authentication started > ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) > error (80) > additional info: SASL(-1): generic failure: GSSAPI Error: No > credentials were supplied, or the credentials were unavailable or > inaccessible. (unknown mech-code 0 for mech unknown) > > Simple binding to the ldap server does work. The KDC behind this is > still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported > Problems with such a setup, but as i can login through ssh and > kerberos > i suppose these [1] don't apply here (also already tested the > proposed > changes). > > If anybody got any insight please share. > > Thanks in Advance, > Leon > > [1] > http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052217.html > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1DA6D3678D2745999DA4F00266376495>