Bug#310438: sasl2-bin: too many groups in Win*AD stop Saslauthd-logins even in krb5 as if heimdall

[Stucki]

Package: sasl2-bin
Version: 2.1.19-1.5
Severity: important


Hi!

'Once ago' saslauthd linked against heimdall libraries, which can not
cope with Kreberos-via-TCP (for Tickes longer than one UDP-Packet).
So we switched cyrus and saslauthd to testing and
a (not exactly known) while ago everything worked fine.
NOW in (one of the last updates?) the Problem is back.

Users, who are in 'near 10 Windows Groups' can not login
via saslauthd.  Message ist 'autentication fails'.
(While 'kinit' on the same host gets correct tickets for
 the same User!)

Looking at 'ldd /usr/sbin/saslauthd' I found first
        libkrb.so.1 => /usr/lib/libkrb.so.1 (0x4001d000)
and later
        libgssapi.so.1 => /usr/lib/libgssapi.so.1 (0x4013c000)
        libkrb5.so.17 => /usr/lib/libkrb5.so.17 (0x4014d000)

May be the Connection to Active-Directory is 'opened'
with the wrong (older?) Protocol, then fails, if Win*
sends answers via TCP?  (This happened in older Systems)

Is there ANY chance to get a saslauthd on pure MIT-Kerberos?

Stucki

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.25
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages sasl2-bin depends on:
ii  base-passwd                 3.5.9        Debian base system master password
ii  libasn1-6-heimdal           0.6.3-10     Libraries for Heimdal Kerberos
ii  libc6                       2.3.2.ds1-21 GNU C Library: Shared libraries an
ii  libcomerr2                  1.37-2       common error description library
ii  libdb4.2                    4.2.52-18    Berkeley v4.2 Database Libraries [
ii  libgssapi1-heimdal          0.6.3-10     Libraries for Heimdal Kerberos
ii  libkrb-1-kerberos4kth       1.2.2-11.2   Kerberos Libraries for Kerberos4 F
ii  libkrb5-17-heimdal          0.6.3-10     Libraries for Heimdal Kerberos
ii  libldap2                    2.1.30-6     OpenLDAP libraries
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libroken16-kerberos4kth     1.2.2-11.2   Roken Libraries for Kerberos4 From
ii  libsasl2                    2.1.19-1.5   Authentication abstraction library
ii  libssl0.9.7                 0.9.7e-3     SSL shared libraries

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]