[28710] in Kerberos
Re: Server not found in Kerberos database error on ldapsearch
daemon@ATHENA.MIT.EDU (jeck)
Fri Nov 9 20:07:32 2007
Message-ID: <13678239.post@talk.nabble.com>
Date: Fri, 9 Nov 2007 17:07:03 -0800 (PST)
From: jeck <evgeniy.zharovsky@verwaltung.uni-muenchen.de>
To: kerberos@mit.edu
In-Reply-To: <4734C680.2050404@anl.gov>
MIME-Version: 1.0
X-Nabble-From: evgeniy.zharovsky@verwaltung.uni-muenchen.de
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Thank you for the fast reply!
>It should work with something like this with OpenLDAP SASL and GSSAPI:
>
>ldapsearch -b "dc=ad,dc=domain,dc=com" -h dc1.ad.domain.com -Y GSSAPI ...
>where the domain name is ad.domain.com and one of the AD controllers
>is dc1.ad.domain.com
That is exactly the way I tried it. GSSAPI exits with unkown GSS error, the
minor code is "Server not found in Kerberos database". And that is my
problem...
>You should *not* need a keytab at all.
I didn't know that... I tried with keytab and without. The result stays the
same.
>> and kinit seems to work fine for the same user as I want to use
>> with ldapsearch.
>
>Usually a user with some AD administrative privilages.
Yes. When I use simple bind, the querry works for this user, so I think the
priviledges are ok.
>>The hosts-files
>
>What host files?
The /etc/hosts files on both machines (well on Windows its
{WIN}\system32\etc\hosts). I mentioned this, because lots of solutions I
found, said, that my problem had something to do with DNS problems and
recomended to set up the /etc/hosts files manually. Unfortunatly it didn't
help in my case. I mentioned it, because I thought, that it would eliminate
the DNS-problem-option...
Maybe my point of view is not quite right to understand the problem... What
information could be of interest to understand and solve it?
--
View this message in context: http://www.nabble.com/Server-not-found-in-Kerberos-database-error-on-ldapsearch-tf4777894.html#a13678239
Sent from the Kerberos - General mailing list archive at Nabble.com.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
