TLS + GSSAPI ldap binds in 4.0.0alpha17-GIT-2d23dff
Lukasz Zalewski
lukas at eecs.qmul.ac.uk
Mon Aug 15 03:40:11 MDT 2011
Hi all,
After the update to alpha17 (from alpha12) we have not been able to
perform GSSAPI + TLS binds against the ldap server,
i.e. after successful kinit the following:
ldapsearch -ZZ -Y GSSAPI -h my.domain -b "dc=my,dc=domain" cn=somecn
produces error message:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Server is unwilling to perform (53)
additional info: SASL:[GSSAPI]: Sign or Seal are not allowed if TLS is used
TLS without GSSAPI and GSSAPI without TLS binds work fine. Has anyone
experienced this issue? Any help would be apreciated :)
Many thanks
Luk
More information about the samba-technical
mailing list