[Samba] [samba] ldapsearch & GSSAPI => Server not found in Kerberos database
Jeremy Allison
jra at samba.org
Thu Jun 16 00:33:27 UTC 2016
On Wed, Jun 15, 2016 at 03:20:19PM +0200, mathias dufresne wrote:
> Solved : )
>
> Reminder of the issue:
> Every services (CIFS, Kerberos, LDAP, DNS, RPC) on one DC were working well
> and ldapsearch using DN and password were also working.
> The only thing which was not working was ldapsearch using GSSAPI
> authentication with the following error:
> SASL/GSSAPI authentication started
> ldap_sasl_interactive_bind_s: Local error (-2)
> additional info: SASL(-1): generic failure: GSSAPI Error:
> Unspecified GSS failure. Minor code may provide more information (Server
> not found in Kerberos database)
>
> This issue was happening only from one client, some Debian Jessie (8), it
> wasn't happening on DC which all run Centos7.
>
> The reason was simple: no reverse DNS configured for that DC.
>
> The solution for us was to add this missing reverse DNS entry but it should
> be possible to configure client to avoid using reverse DNS.
Thanks for letting us know Mathias ! That kind of info is always
useful to help others who may be running into these things.
Cheers,
Jeremy.
More information about the samba
mailing list