Re: GSSAPI / SASL problems of sasl2-bin on Ubuntu 10.04.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 07/11/12 16:01 +0800, John/SML wrote:
Hi Dan,

When I check the Kerberos messages, TGS-REP shows :-

Client realm : SML.CITIZEN.CO.JP
Client name (Principal): host/
Name-type: Principal(1)
Name: host

1. What command or event was occurring while this was captured?
2. Are the KDC and OpenLDAP servers the same in both cases (is it just the
client that has changed)?
3. What ldapwhoami command are you using (please include all command line

host/<hostname> is standard for operations performed while running as root
on a given host. If this was generated while performing an ldapwhoami, then
your klist should show:

#~ klist
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: host/

  Issued           Expires          Principal

What service ticket was in the corresponding TGS-REQ? Was there a request
for a ldap/a.b.c@B.C ticket? Does it exist in your KDC database?

On the working system (Heimdal 1.0.1 + SASL 2.1.22) , the TGS-REP should
be my
Kerberos principal :-

Client realm : SML.CITIZEN.CO.JP
Client name (Principal): john
Name-type: Principal(1)
Name: john
Ticket : ......
      Server name (service and host): ldap/

Dan White

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux