On Sun, Dec 14, 2008 at 11:31 AM, Michael Ströder <[email protected]>wrote:
>
> Did you obtain a TGT before? What's the output of command klist?
>
> Ciao, Michael.
>
I did obtain a TGT with kinit:
came...@gimli:~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: came...@local
Valid starting Expires Service principal
12/14/08 00:40:14 12/14/08 10:40:14 krbtgt/lo...@local
renew until 12/15/08 00:40:12
There is an entry for ldap/ldap.lo...@local in /etc/krb5.keytab, and
openldap has permission to
read it, but it isn't giving me a ticket when I connect as various articles
on the internet implied it should. Additionally,
strace-ing ldap didn't show it opening or reading the keytab (if it should),
nor doing anything else SASL
related other than loading the libraries.
Thanks,
Cameron Harris
