[30887] in Kerberos
RE: SASL authentication
daemon@ATHENA.MIT.EDU (Xu, Qiang (FXSGSC))
Wed Mar 18 23:34:40 2009
From: "Xu, Qiang (FXSGSC)" <Qiang.Xu@fujixerox.com>
To: =?iso-8859-1?Q?Michael_Str=F6der?= <michael@stroeder.com>,
"kerberos@mit.edu" <kerberos@mit.edu>
Date: Thu, 19 Mar 2009 11:33:40 +0800
Message-ID: <D8C9BC7FFCF8154FB7141EB8DB609C1727084681CD@SGPAPHQ-EXSCC01.dc01.fujixerox.net>
In-Reply-To: <68h696-ul2.ln1@nb2.stroeder.com>
Content-Language: en-US
MIME-Version: 1.0
X-MAIL-FROM: <qiang.xu@fujixerox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> -----Original Message-----
> From: kerberos-bounces@mit.edu
> [mailto:kerberos-bounces@mit.edu] On Behalf Of Michael Str?der
> Sent: Wednesday, March 18, 2009 2:34 PM
> To: kerberos@mit.edu
> Subject: Re: SASL authentication
>
> Did you try command-line option -A when invoking kinit as I
> suggested in my previous posting? It seems you probably
> should read a bit more about how Kerberos works especially
> regarding ticket types. There are tons of docs out there.
Yes, I have tried the option -A. Originally I was using "kinit -f ...". Now I am using "kinit -f -A ...". As far as I know, the option -A is "do not include addresses". I can't see any gain here. After using -A option, the error msg is still "82 Local error" when doing SASL binding.
>From Google, I can only get a small number of materials on how to create a service principal under Windows 2003 Server. But they are all somewhat ambiguous, and I still can't figure out how to create a keytab file for LDAP client's use.
Thanks,
Xu Qiang
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
