Lukas Grässlin writes:
> It's ldapsearch in all cases with libsasl2-modules-gssapi-mit:amd64
> 2.1.28+dfsg-10 on Debian and cyrus-sasl-gssapi-2.1.27-6.el8_5.x86_64 on
> the RHEL machine.
I suspect you are being bitten by:
On 26.04.2024 10:06, Lukas Grässlin wrote:
On 25.04.2024 23:25, Sam Hartman wrote:
How are you actually triggering the GSS-API authentication?
ldapsearch in all cases?
And you are confident that libkrb5 is triggering the reverse lookup not
your application?
(I realize that you may be using the
On 25.04.2024 23:25, Sam Hartman wrote:
How are you actually triggering the GSS-API authentication?
ldapsearch in all cases?
And you are confident that libkrb5 is triggering the reverse lookup not
your application?
(I realize that you may be using the same application on Debian and RH,
but there
> "Lukas" == Lukas Grässlin writes:
Lukas> We have a scenario where we need to disable reverse lookups for
Lukas> canonicalization in Kerberos as the customer's PTR records are not
Lukas> consistent and lead to wrongly requested SPNs otherwise (see
Lukas>
Package: libkrb5-3
Version: 1.20.1-2+deb12u1
Severity: normal
X-Debbugs-Cc: lukas.graess...@adfinis.com
We have a scenario where we need to disable reverse lookups for
canonicalization in Kerberos as the customer's PTR records are not
consistent and
5 matches
Mail list logo