[28708] in Kerberos
Re: Server not found in Kerberos database error on ldapsearch
daemon@ATHENA.MIT.EDU (Douglas E. Engert)
Fri Nov 9 15:44:06 2007
Message-ID: <4734C680.2050404@anl.gov>
Date: Fri, 09 Nov 2007 14:43:44 -0600
From: "Douglas E. Engert" <deengert@anl.gov>
MIME-Version: 1.0
To: jeck <evgeniy.zharovsky@verwaltung.uni-muenchen.de>
In-Reply-To: <13667697.post@talk.nabble.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
jeck wrote:
> Good afternoon!
> I have the following problem: I need to connect securely to a AD and search
> it via ldapsearch.
It should work with something like this with OpenLDAP SASL and GSSAPI:
ldapsearch -b "dc=ad,dc=domain,dc=com" -h dc1.ad.domain.com -Y GSSAPI ...
where the domain name is ad.domain.com and one of the AD controllers
is dc1.ad.domain.com
> When I try to do so the "Server not found in Kerberos
> database" error appears. I'm not quite sure, why. I have extracted a keytab
> of the AD
What? Not sure what you mean here. Is the keytab for a user or the AD
controller itself? You should *not* need a keytab at all.
> and kinit seems to work fine for the same user as I want to use
> with ldapsearch.
Usually a user with some AD administrative privilages.
>The hosts-files
What host files?
> are set up correctly (a ping on DNS-names
> looks fine). There is nothing that indicates an error in the AD-logs (only
> successful logons). Could anyone give me a hint, why I get this reaction?
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
