On Fri, Jun 25, 2010 at 12:55:02PM +0400, Alexander Gordeev wrote: > > Sorry, I didn't tell you that this log was from another machine, with > it's own key, and therefore I changed ldap_sasl_authid appropriately. > On desktopvm everything is the same i.e. auth fails in the same way. > > Seems I'll have to dive into debugging SASL... But maybe you have some > hints for me? :) > > > -- > Alexander
If kinit -k -t /etc/krb5.keytab && ldapsearch works on desktopvm you can try with the credentail cache of sssd /var/lib/sss/db/ccache_GNET (please check if the TGT is still valid before you use it): KRB5CCNAME=/var/lib/sss/db/ccache_GNET ldapsearch should work If this work, then I think sssd does something wrong. If it does not work, please compare the content of the ccache you get with 'kinit -k -t /etc/krb5.keytab' with /var/lib/sss/db/ccache_GNET. HTH bye, Sumit _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
