GSSAPI Error: An invalid name was supplied (Not enough space)

Ben Lentz ben.lentz at gmail.com
Fri Oct 31 12:57:03 EDT 2008


> Are you receiving the service principal ticket for the ldap server (e.g.
> ldap/<hostname>@REALM)?

I am receiving krbtgt/<hostname>@REALM

>
> The error you're receiving is possibly due to the AD/mit/kerberos
> interaction rather than cyrus. I had success trouble shooting a 'packet too
> large', or something similar, once with wireshark. That was with Heimdal and
> AD. I ended up forcing Heimdal to use TCP when talking to the AD server. In
> /etc/krb5.conf:
>
> [realms]
>       EXAMPLE.NET = {
>               kdc = tcp/ad.example.net
>               kdc = ad.example.net
>               admin_server = ad.example.net
>
> - Dan
>

I have this working perfectly on a CentOS 5.2 system with kernel
2.6.18 using OpenLDAP 2.3.27, cyrus-sasl 2.1.22, and krb5 1.6.1
without any additional configuration.

It could certainly having something to do with Linux versus AIX or
OpenLDAP 2.3.27 versus 2.4.12 or krb5 1.6.1 versus 1.6.3.


More information about the Cyrus-sasl mailing list