[30913] in Kerberos
RE: SASL authentication
daemon@ATHENA.MIT.EDU (Xu, Qiang (FXSGSC))
Tue Mar 24 03:05:31 2009
From: "Xu, Qiang (FXSGSC)" <Qiang.Xu@fujixerox.com>
To: Markus Moeller <huaraz@moeller.plus.com>,
"kerberos@mit.edu"
<kerberos@mit.edu>
Date: Tue, 24 Mar 2009 15:04:27 +0800
Message-ID: <D8C9BC7FFCF8154FB7141EB8DB609C1729058B37B9@SGPAPHQ-EXSCC01.dc01.fujixerox.net>
In-Reply-To: <9aednSI1rOXih1XUnZ2dnUVZ8i6WnZ2d@posted.plusnet>
Content-Language: en-US
MIME-Version: 1.0
X-MAIL-FROM: <qiang.xu@fujixerox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> -----Original Message-----
> From: kerberos-bounces@mit.edu
> [mailto:kerberos-bounces@mit.edu] On Behalf Of Markus Moeller
> Sent: Tuesday, March 24, 2009 7:26 AM
> To: kerberos@mit.edu
> Subject: Re: SASL authentication
>
> Can you get a network capture with wireshark on your 2003
> server of all traffic from your client when you do the following
>
> On the client:
> kinit qxu@SESSWIN2003.COM
> ldapsearch -Y GSSAPI -H 'ldap://sesswin2003.sesswin2003.com'
> -b 'dc=sesswin2003,dc=com' -s sub -LLL '(cn=qxu)' mail
>
> Make sure that sesswin2003.sesswin2003.com resolves to the
> correct ip or is in your hosts file.
Just as you guess, Markus, there is no network traffic arriving at the LDAP server when I run ldapsearch command. In contrast, when I run kinit command, ethereal can help me capture Kerberos packets. So it seems the FQDN "sesswin2003.sesswin2003.com" cannot be resolved.
Shall I do something to the file "/etc/hosts"? Could you give me some suggestion on how to resolve this name? Please note that the client (where kinit and ldapsearch are run) is not in the domain "sesswin2003.com".
Thanks,
Xu Qiang
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos