From owner-freebsd-questions@FreeBSD.ORG Wed Aug 25 19:34:32 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AA6C51065679 for ; Wed, 25 Aug 2010 19:34:32 +0000 (UTC) (envelope-from reko.turja@liukuma.net) Received: from www.liukuma.net (www.liukuma.net [62.220.235.15]) by mx1.freebsd.org (Postfix) with ESMTP id 539ED8FC12 for ; Wed, 25 Aug 2010 19:34:31 +0000 (UTC) Received: from www.liukuma.net (localhost [127.0.0.1]) by www.liukuma.net (Postfix) with ESMTP id 946E71CC59; Wed, 25 Aug 2010 22:33:59 +0300 (EEST) X-DKIM: Sendmail DKIM Filter v2.8.3 www.liukuma.net 946E71CC59 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=liukuma.net; s=liukudkim; t=1282764839; bh=rpv0V6+306dwptdXAmedjbwjjVQ32wHiIlYn9AEoexM=; h=Message-ID:From:To:References:In-Reply-To:Subject:Date: MIME-Version:Content-Type:Content-Transfer-Encoding; b=O0V1+udkDEogUOzA/5yoVL22np2ihBFxK7GP7eM2/Zp3X501HaMHCATZ3VXsA5mjm UODtMwSumjpbaotGJzB8BOc0v3agrTOHCLJUdnvTDZjoj2UpM3XOp/sgQ/+ZvGSSqR aeUuUBN/usFTOtcRW3t92fx4rlV7MC3Di32uylmw= X-Virus-Scanned: amavisd-new at liukuma.net Received: from www.liukuma.net ([127.0.0.1]) by www.liukuma.net (www.liukuma.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id H1PDVfRulj0K; Wed, 25 Aug 2010 22:33:54 +0300 (EEST) Received: from rivendell (a91-155-174-194.elisa-laajakaista.fi [91.155.174.194]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) (Authenticated sender: ignatz@www.liukuma.net) by www.liukuma.net (Postfix) with ESMTPSA id 14DCB1CC6C; Wed, 25 Aug 2010 22:33:54 +0300 (EEST) X-DKIM: Sendmail DKIM Filter v2.8.3 www.liukuma.net 14DCB1CC6C Message-ID: <1DA6D3678D2745999DA4F00266376495@rivendell> From: "Reko Turja" To: =?iso-8859-1?Q?LeonMe=DFner?= , References: <20100825160404.GF3762@emmi.physik-pool.tu-berlin.de> In-Reply-To: <20100825160404.GF3762@emmi.physik-pool.tu-berlin.de> Date: Wed, 25 Aug 2010 22:34:27 +0300 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal Importance: Normal X-Mailer: Microsoft Windows Live Mail 14.0.8089.726 X-MimeOLE: Produced By Microsoft MimeOLE V14.0.8089.726 Cc: Subject: Re: openldap-sasl fails after 8.1 upgrade X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Aug 2010 19:34:32 -0000 Sadly the GSSAPI/Kerberos has been broken in 8.x for a good while now.=20 You can either install the heimdal or MIT port, although getting that=20 to work in stead of the base can be messy. kern/147454 PR actually has a working fix, although I'm not sure if it=20 applies cleanly as it's pretty big - I managed to get working GSSAPI=20 with it on 8.1 PRERELEASE. See also discussion at=20 http://lists.freebsd.org/pipermail/freebsd-stable/2010-July/057734.html -Reko -------------------------------------------------- From: "LeonMe=DFner" Sent: Wednesday, August 25, 2010 7:04 PM To: Subject: openldap-sasl fails after 8.1 upgrade > Hi, > > after binary upgrading to freebsd8.1 from 7.2 i encounter an error > with openldap24, cyrus-sasl2 and kerberos: > > # ldapsearch uid=3Dwhatever > SASL/GSSAPI authentication started > ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) > error (80) > additional info: SASL(-1): generic failure: GSSAPI Error: No > credentials were supplied, or the credentials were unavailable or > inaccessible. (unknown mech-code 0 for mech unknown) > > Simple binding to the ldap server does work. The KDC behind this is > still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported > Problems with such a setup, but as i can login through ssh and=20 > kerberos > i suppose these [1] don't apply here (also already tested the=20 > proposed > changes). > > If anybody got any insight please share. > > Thanks in Advance, > Leon > > [1] > = http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052217.htm= l > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to=20 > "freebsd-questions-unsubscribe@freebsd.org" > =20