Package: ldap-utils Version: 2.4.31-1 When /etc/hosts contains only the IPv4 address of the server, everything works.
root@tyla:~# ldapsearch -Y GSSAPI -R AD.VPAC.ORG -b dc=ad,dc=vpac,dc=org uid=aspiers -H ldap://sys11.ad.vpac.org/ -A > /dev/null SASL/GSSAPI authentication started SASL username: [email protected] SASL SSF: 56 SASL data security layer installed. If ldapsearch uses IPv6, then things don't work. With libsasl2-modules-gssapi-mit installed. root@tyla:~# ldapsearch -Y GSSAPI -R AD.VPAC.ORG -b dc=ad,dc=vpac,dc=org uid=aspiers -H ldap://sys11.ad.vpac.org/ -A SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Cannot determine realm for numeric host address) With libsasl2-modules-gssapi-heimdal installed. root@tyla:~# ldapsearch -Y GSSAPI -R AD.VPAC.ORG -b dc=ad,dc=vpac,dc=org uid=aspiers -H ldap://sys11.ad.vpac.org/ -A SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (see text) (Matching credential (ldap/ 2001:388:60ac:10d:214:85ff:fef6:[email protected]) not found) It should not be trying to use ldap/ 2001:388:60ac:10d:214:85ff:fef6:[email protected], it should use the name I specified on the command line, i.e. ldap/[email protected] -- Brian May <[email protected]>
