directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: Kerberos configuration with wrong user DN...
Date Tue, 15 Jan 2008 11:37:45 GMT
Aleksandar Vidakovic wrote:
> As I understand it this means that the client is sending the right
> information and something is badly configured on the ApacheDS side. Right?
>   
Correct. It seems that the server is still looking in the wrong place :

[org.apache.directory.server.core.partition.DefaultPartitionNexus] -
Check if DN
'2.5.4.11=users,0.9.2342.19200300.100.1.25=example,0.9.2342.19200300.100.1.25=com'



Is the new server.xml in place ? Has the server been restarted? Are you 
sure that the server.xml used is not the previous one ?
> And then a little bit further I see this:
>
> [log]
>
>         at
> org.apache.directory.server.kerberos.shared.store.SingleBaseSearch.execute(SingleBaseSearch.java:104)
>         ... 32 more
> [12:11:13] DEBUG
> [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler]
> - Responding to request with error:
>         explanatory text:      Client not found in Kerberos database
>         error code:            6
>         clientPrincipal:       null
>         client time:           20080115111113Z
>         serverPrincipal:       krbtgt/EXAMPLE.COM@EXAMPLE.COM
>         server time:           null
>
> [/log]
>
> This is something that I wouldn't expect here; I did a new ApacheDS
> installation and this entry doesn't exist in my LDIF that I am
> importing. Is this log entry caused by the kerberos client?
>   
I think that you don't run the good server, or that you are using a 
previous install somehow.

-- 
--
cordialement, regards,
Emmanuel L├ęcharny
www.iktek.com
directory.apache.org



Mime
View raw message