'Re:Re Openldap crashes on GSSAPI authentication'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-bugs
Subject:    Re:Re Openldap crashes on GSSAPI authentication
From:       Jeremy Fressard <jfressar () laas ! fr>
Date:       2003-06-30 14:25:06
[Download RAW message or body]

Hi,

I tried, as you said, to use heimdal for my openldap built and i always 
have the same error which crashes my slapd.

> SASL/GSSAPI authentication started
> ldap_sasl_interactive_bind_s : Can't contact LDAP server (81)

If somebody can help me ?

or if somebody can explain me this  response of stephen frost :

Or just get the patch which adds mutex locks around gssapi calls from
SASL.

And where i can get this patch??

Thanks



Le vendredi, 27 jun 2003, à 15:35 Europe/Paris, Chapman, Kyle a écrit :

> if you do a truss on slapd, you may see it fail on a lookup for 
> krb5.conf located in /usr/local/etc, as many have pointed out, you may 
> want to use heimdal for your openldap builds, not suggesting that you 
> replace mit at all...
>
> -----Original Message-----
> From: Jeremy Fressard [mailto:jfressar@laas.fr]
> Sent: Friday, June 27, 2003 9:04 AM
> To: openldap-bugs@OpenLDAP.org
> Subject: Openldap crashes on GSSAPI authentication
>
> Hi,
>
> I have been trying for a while to get openldap working with sasl and
> gssapi on Solaris 9 but i have a problem.
>
> I am using mit kerberos5.
>
> I compiled sasl-2.1.13 and tested it with the sample server and client
> with sucess for gssapi authentication. Later on I compiled
> openldap-2.1.21 with kpasswd and kerberos.
>
>
> When I try a ldapsearch (with my TGT), slapd crashes on GSSAPI 
> authentication :
> SASL/GSSAPI authentication started
> ldap_sasl_interactive_bind_s : Can't contact LDAP server (81) // I 
> think that's why it is dead.
>
> In my KDC.log there is the TGS request which is ok but i think slapd 
> crashe (I think) at the TGS response.
> But I have my ticket LDAP/FQDN in my cache (klist).
>
>
> Thanks you very much if you have an idea.
>
> NOTICE: This E-mail may contain confidential information. If you are 
> not
> the addressee or the intended recipient please do not read this E-mail
> and please immediately delete this e-mail message and any attachments
> from your workstation or network mail system. If you are the addressee
> or the intended recipient and you save or print a copy of this E-mail,
> please place it in an appropriate file, depending on whether
> confidential information is contained in the message.
>


Hi, 


I tried, as you said, to use heimdal for my openldap built and i
always have the same error which crashes my slapd.


<excerpt>SASL/GSSAPI authentication started

ldap_sasl_interactive_bind_s : Can't contact LDAP server (81)

</excerpt>

If somebody can help me ?


or if somebody can explain me this  response of stephen frost : 


<color><param>56F2,4CAE,FFFF</param>Or just get the patch which adds
mutex locks around gssapi calls from

SASL.


</color><color><param>0064,0058,0128</param>And where i can get this
patch??


</color>Thanks

<color><param>56F2,4CAE,FFFF</param>

</color>


Le vendredi, 27 jun 2003, à 15:35 Europe/Paris, Chapman, Kyle a écrit :


<excerpt><fontfamily><param>Arial</param><color><param>0000,0000,FFFF</param><smaller>if
you do a truss on slapd, you may see it fail on a lookup for krb5.conf
located in /usr/local/etc, as many have pointed out, you may want to
use heimdal for your openldap builds, not suggesting that you replace
mit at all...</smaller></color></fontfamily>


<fontfamily><param>Tahoma</param><smaller>-----Original Message-----

<bold>From:</bold> Jeremy Fressard [mailto:jfressar@laas.fr]

<bold>Sent:</bold> Friday, June 27, 2003 9:04 AM

<bold>To:</bold> openldap-bugs@OpenLDAP.org

<bold>Subject:</bold> Openldap crashes on GSSAPI authentication


</smaller></fontfamily>Hi,


I have been trying for a while to get openldap working with sasl and

gssapi on Solaris 9 but i have a problem.


I am using mit kerberos5.


I compiled sasl-2.1.13 and tested it with the sample server and client

with sucess for gssapi authentication. Later on I compiled

openldap-2.1.21 with kpasswd and kerberos.



When I try a ldapsearch (with my TGT), slapd crashes on GSSAPI
authentication :

SASL/GSSAPI authentication started

ldap_sasl_interactive_bind_s : Can't contact LDAP server (81) // I
think that's why it is dead.


In my KDC.log there is the TGS request which is ok but i think slapd
crashe (I think) at the TGS response.

But I have my ticket LDAP/FQDN in my cache (klist).



Thanks you very much if you have an idea.


<smaller>NOTICE: This E-mail may contain confidential information. If
you are not

the addressee or the intended recipient please do not read this E-mail

and please immediately delete this e-mail message and any attachments

from your workstation or network mail system. If you are the addressee

or the intended recipient and you save or print a copy of this E-mail,

please place it in an appropriate file, depending on whether

confidential information is contained in the message.


</smaller></excerpt>

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic