On 03/29/12 12:18 +0100, luxInteg wrote:
Greetings,i am new to this list. I have a computer with these:- cpu: amd64 2 cores os linux 64bit distro=cblfs kernel-3.2.1, gcc-4.5.2 auth progs: MIT-kerberos-1.10, sasl-2.1.25. openldap-2.4.29 I verified ldap is running without sasl with the ldapsearch command like so:- ldapsearch -xWLLL "ou=people" -H ldaps://tester.example.com When I tried the same command for a sasl bind:- ldappsearch -LLL "ou=people" -H ldaps://tester.example.com I get this ################################################### SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): authentication failure: GSSAPI Failure: gss_accept_sec_context ################################################### When I didpensed with tls i.e. I do ldappsearch -LLL "ou=people" -H ldap://tester.example.com I get the same result. It seems that there is something wrong with sasl-installation and I would be grateful for some advice including source of any needed patches.
To apply the patch I mentioned on the openldap list: wget ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-2.1.25.tar.gz wget -O gssapi-flags.patch https://bugzilla.cyrusimap.org/attachment.cgi?id=1393 tar -xvzf cyrus-sasl-2.1.25.tar.gz cd cyrus-sasl-2.1.25/ patch -p1 < ../gssapi-flags.patch Then ./configure etc. If you're using a package from an OS that you did not compile yourself, consider filing a bug with your vendor to get them to review this patch for inclusion. Another patch you may want to look at is: https://bugzilla.cyrusimap.org/show_bug.cgi?id=3445 -- Dan White
