[39542] in Kerberos
Re: bind to LDAP server produces "invalid credentials" error
daemon@ATHENA.MIT.EDU (Travis Bean)
Sat Aug 23 21:10:36 2025
MIME-Version: 1.0
In-Reply-To: <CAFk47JgMy6WOGkCU=AB=D0a-VcFSDsY5yHF4J9qg6=nfVg2j_w@mail.gmail.com>
From: Travis Bean <tbean74@gmail.com>
Date: Sat, 23 Aug 2025 18:10:11 -0700
Message-ID: <CAFk47JgQFhX56N0sBJ8PtddDPhH6fei-cBGt8nAKO+ddeM4rBA@mail.gmail.com>
To: kerberos@mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
On Fri, Aug 22, 2025 at 9:50 AM Travis Bean <tbean74@gmail.com> wrote:
>
> On Thu, Aug 21, 2025 at 10:56 AM Greg Hudson <ghudson@mit.edu> wrote:
> >
> > On 8/20/25 23:43, Travis Bean wrote:
> > > “Cannot bind to LDAP server ldapi:/// as
> > > ‘cn=kdc-srv,cn=krbContainer,dc=example,dc=local’: Invalid credentials
> > > - while initializing database.”
> >
> > This means libkdb_ldap called ldap_sasl_bind_s() and got back an
> > LDAP_INVALID_CREDENTIALS response, most likely indicating that the LDAP
> > server didn't match the password from the service stash file.
After extensive troubleshooting, I can definitely say this is a
problem with my stash file.
Perhaps there is a bug in kdb5_ldap_util since it is generating a
malformed stash file.
Perhaps I should submit a bug report.
Kind regards,
Travis Bean
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
