lists.arthurdejong.org

Re: nslcd SASL bind fails




On 02/12/2012 05:04 PM, steve wrote:
Hi
Ubuntu 11.10
nslcd 0.8.4 from nslcd_0.8.4_i386.deb

I can't do a GSSAPI bind:
Feb 12 16:51:54 hh3 nslcd[3002]: [e8944a] <passwd="steve2"> failed to bind to LDAP server ldap://192.168.1.3: Local error: No such file or directory

/etc/nslcd.conf
uid nslcd-user
gid nslcd-user
uri ldap://192.168.1.3
base dc=hh3,dc=site
map    passwd uid              samAccountName
map    passwd homeDirectory    unixHomeDirectory
sasl_mech GSSAPI
sasl_realm HH3.SITE
krb5_ccname /tmp/krb5cc_0

There is a ticket cache at /tmp/krb5cc_0 and a conventional bind works fine. I can also use ldapsearch -Y GSSAPI and ldapmodify -Y GSSAPI.

Any ideas?
Thanks,
Steve


Sorry. Forgot the details. I compiled from source from your site:

root@hh3:/tmp# getent passwd steve2
root@hh3:/tmp#

 nslcd -d
nslcd: DEBUG: add_uri(ldap://192.168.1.3)
nslcd: version 0.7.15 starting
nslcd: DEBUG: setgroups(0,NULL) done
nslcd: DEBUG: setgid(126) done
nslcd: DEBUG: setuid(115) done
nslcd: accepting connections
nslcd: [8b4567] DEBUG: connection from pid=17216 uid=0 gid=0
nslcd: [8b4567] DEBUG: nslcd_passwd_byname(steve2)
nslcd: [8b4567] DEBUG: myldap_search(base="dc=hh3,dc=site", filter="(&(objectClass=posixAccount)(sAMAccountName=steve2))")
nslcd: [8b4567] DEBUG: ldap_initialize(ldap://192.168.1.3)
nslcd: [8b4567] DEBUG: ldap_set_rebind_proc()
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
nslcd: [8b4567] DEBUG: ldap_sasl_bind_s("cn=Administrator,cn=Users,dc=hh3,dc=site","GSSAPI",NULL) (uri="ldap://192.168.1.3";)
nslcd: [8b4567] failed to bind to LDAP server ldap://192.168.1.3: Invalid credentials
nslcd: [8b4567] DEBUG: ldap_unbind()
nslcd: [8b4567] no available LDAP server found

KDC
ldb_wrap open of secrets.ldb
GSS server Update(krb5)(1) Update failed: An unsupported mechanism was requested: unknown mech-code 0 for mech 1 2 840 113554 1 2 2

What is it saying? Which is at fault here?
Thanks,
Steve

