Catch-all: "saslauthd internal error" with kerberos5
daniel at danielnorton.com
Wed Mar 2 00:33:35 EST 2011
On 2/26/2011 10:13 PM, Daniel Norton wrote:
> Briefly, this works fine:
> $ kadmin -p username -w password
> But this fails:
> $ testsaslauthd -u username -p password
> 0: NO "authentication failed"
I found the problem, and had actually seen the solution in this list's
My ultimate problem was that I was thinking that the domain name for my
server principal name could be whatever I chose, and I chose
host/example.com at REALM, but the principal name must actually be
host//subdomain/.example.com at REALM (where "subdomain.example.com" is
whatever is returned from *gethostname()*). It's obvious, now that I
know the solution!
While stepping through the libkrb code I saw quite a number of other
conditions that result in the catch-all "internal error" description
(many of which could only be divined by stepping through the code), but
that's an age-old problem that's obviously not going to get fixed
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Cyrus-sasl