SASL + Kerberos + OpenLDAP issue

[Ken Hornstein]

> Feb 27 18:04:20 passrlsrv slapd[9861]: SASL [conn=16] Failure: GSSAPI 
> Error:  Miscellaneous failure (see text) (Decrypt integrity check 
> failedxt))

"Decrypt integrity check failed" means that the service key in your KDC
doesn't match the service key stored in the keytab.  You should rekey
your server (and make sure you re-kinit AFTER you do that so you get a new
service ticket that matches your service key).

--Ken