directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <seelm...@apache.org>
Subject Re: Configuring Apache Directory studio with kerberos
Date Tue, 02 Feb 2010 20:44:28 GMT
Amila Suriarachchi wrote:
> I tried to do the authentication with the following values. (after 
> following the given tutorial )
> 
> Bind DN or user : hnelson@EXAMPLE.COM <mailto:hnelson@EXAMPLE.COM>
> Bind Password : secret
> 
> At kerborose settings
> 
> set : Obtain TGT from KDC
> set : Use Native System Configuration

That's ok.

> Then tried to Authenticate and got the following exception at client side
> 
> The authentication failed
>  - Request: 1 cancelled
>   javax.naming.CommunicationException: Request: 1 cancelled
snip
> And following at server side.
> 
> [18:41:16] WARN 
> [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] 
> - Additional pre-authentication required (25)
> [18:41:16] WARN 
> [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] 
> - No server entry found for kerberos principal name 
> ldap/localhost@EXAMPLE.COM

Sorry, there was a small bug in the server.xml. Please set the 
searchBaseDn of ldapServer:

   <ldapServer ...
             saslHost="localhost"
             saslPrincipal="ldap/localhost@EXAMPLE.COM"
             searchBaseDn="ou=users,dc=example,dc=com"
             ...>


Kind Regards,
Stefan




Mime
View raw message