Is it slapd reading its key tab incorrectly or is the hostname being derived incorrectly. Is this a host file issue?
Matt Pallissard -------- Original Message -------- From: Jaap Winius <jwin...@umrk.nl> Sent: Thu Apr 13 18:20:33 CDT 2017 To: Jaap Winius <jwin...@umrk.nl> Cc: "Pallissard, Matthew" <k...@pallissard.net>, kerberos@mit.edu Subject: Re: KDC 1.15 startup error: Invalid credentials - while initializing database Quoting Jaap Winius <jwin...@umrk.nl>: > slapd[560]: GSSAPI Error: Unspecified GSS failure. \ > Minor code may provide more information \ > (Server ldap/localh...@example.com not found in Kerberos database) Invalid credentials? It's because of this. Slapd should discover its identity by reading its keytab, the location for which can be found in the value for KRB5_KTNAME (set in /etc/default/slapd), but that's not happening. This is starting to look like a bug, perhaps in libsasl2-modules-gssapi-mit. Cheers, Jaap ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos