Server ldap/localhost at EXAMPLE.COM not found in Kerberos database

Jason Trupp jtrupp at symas.com
Fri Apr 14 09:44:04 EDT 2017


In our experience, the all CAPS domain name can cause problems. The entire 
FQDN needs to be lowercase to work properly.

Warmest regards,
Jason Trupp
Symas Corporation/Evolveum MidPoint
Support Engineer – Trainer
(855) LDAP-GUY



-----Original Message-----
From: Cyrus-sasl 
[mailto:cyrus-sasl-bounces+jtrupp=symas.com at lists.andrew.cmu.edu] On Behalf 
Of Jaap Winius
Sent: Friday, April 14, 2017 4:54 AM
To: Dieter Klünter
Cc: cyrus-sasl at lists.andrew.cmu.edu
Subject: Re: Server ldap/localhost at EXAMPLE.COM not found in Kerberos 
database

Quoting Dieter Klünter <dieter at dkluenter.de>:

>>    slapd[1668]: GSSAPI Error: Unspecified GSS failure. \
>>    Minor code may provide more information \
>>    (Server ldap/localhost at EXAMPLE.COM not found in Kerberos database)
> [...]
>
> The slapd user must be able to read the relevant keytab.

Already covered: I do that by giving the openldap group read access to it.

Otherwise, /etc/hostname is okay, 'hostnamectl status' gives the same, 
there's nothing weird in /etc/hosts and the DNS forward and reverse records 
give all the same answers.

Cheers,

Jaap


More information about the Cyrus-sasl mailing list