SASL + Kerberos + OpenLDAP issue
Ken Hornstein
kenh at cmf.nrl.navy.mil
Fri Feb 27 14:59:49 EST 2009
> Feb 27 18:04:20 passrlsrv slapd[9861]: SASL [conn=16] Failure: GSSAPI
> Error: Miscellaneous failure (see text) (Decrypt integrity check
> failedxt))
"Decrypt integrity check failed" means that the service key in your KDC
doesn't match the service key stored in the keytab. You should rekey
your server (and make sure you re-kinit AFTER you do that so you get a new
service ticket that matches your service key).
--Ken
More information about the Cyrus-sasl
mailing list