On Thu, May 8, 2014 at 12:00 AM, Reid Varner <[email protected]> wrote:
> Hello, > > > > I am tasked with setting up an ApacheDS 2.0.0 LDAP + Kerberos (including > KDC) server for use in our testing environment. I followed this guide< > https://directory.apache.org/apacheds/kerberos-ug/4.2-authenticate-studio.html>, > but am unable to successfully authenticate with my LDAP server using > Kerberos as per the final step on that page. > > I am using the latest Apache Directory Studio (2.0.0.v20130628). > > When I have "Require Pre-Authentication By Encrypted TimeStamp" checked > and I click "Check Authentication", I get the > error:javax.security.auth.login.LoginException: Integrity check on > decrypted field failed (31) > > When I uncheck that field, restart the server, and click "Check > Authentication" again, I get: javax.security.auth.login.LoginException: > Checksum Failed > > > > I am sure the username and password I am supplying is correct. What could > be the problem? Has anyone successfully set up ApacheDS 2.0.0 with > Kerberos? Is there a guide I should be following somewhere? > > It seems the folks over at ApacheDS have yet to document configuration< > http://directory.apache.org/apacheds/kerberos-ug/2-kerberos-config.html> > of their Kerberos server. > > Fyi, my configuration is exactly as per the guide< > https://directory.apache.org/apacheds/kerberos-ug/4.2-authenticate-studio.html > >. > > this configuration is correct and I confirm that this works as expected with version 2.0.0-M16. Can you replace your server's log4j.properties with this http://pastebin.com/Hqzt96Aw and send us the log (you cannot attach to the mail, so use any pastebin site and provide us the link) otoh, your mail was delivered to us today due to an issue with ASF's mail server. > Many thanks, > > Reid > -- Kiran Ayyagari http://keydap.com
