"Server unknown" error

Kurt D. Zeilenga Kurt at OpenLDAP.org
Wed Feb 15 14:35:41 EST 2006


You can (and, IMO, should) eliminate OpenLDAP as a source of
the problem by using Cyrus SASL's sample client and server
programs (with appropriate flags selecting the ldap
service and the slapd program) to produce the problem.

At 10:26 AM 2/15/2006, Gilles wrote:
>Hello.
>
>I'm experimenting with Kerberos and LDAP, and I'm now
>quite confused with the following error:
>
>$ ldapwhoami -H ldap://db -Y GSSAPI
>SASL/GSSAPI authentication started
>ldap_sasl_interactive_bind_s: Local error (-2)
>        additional info: SASL(-1): generic failure: GSSAPI Error:  Miscellaneous failure (see text) (Server (ldap/db.harfang.homelinux.org at HARFANG.HOMELINUX.ORG) unknown)
>
>The fact is that I had created a "ldap/db.harfang.homelinux.org"
>principal. And the above command had been working.
>Subsequently, I removed that principal and created another one
>named "db/db.harfang.homelinux.org".
>
>So, where does that command find a reference to the old name?
>
>The "slapd" server log doesn't show anything during the connection
>attempt, even though the debug level is set quite high.
>
>[I'm sorry if this isn't the right list to aks this, but I cannot
>determine where the problem comes from in this LDAP/SASL/Kerberos
>combination.  I hope someone knowledgeable will point me in the
>right direction.]
>
>
>Thanks for your help.
>Gilles



More information about the Cyrus-sasl mailing list