Full_Name: Sumit Bose Version: 2.4.34 OS: Fedora 18 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (88.72.5.29)

When using LDAPI with GSSAPI and SASL_NOCANON=on I get the following error:

# LDAPSASL_NOCANON=on ldapsearch -H 'ldapi://%2fvar%2frun%2fslapd-IPA18-DEVEL.socket' -Y GSSAPI -s base dn SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server krbtgt/SOCKET@IPA18.DEVEL not found in Kerberos database)

This happens because if SASL_NOCANON=on the "host" part from the LDAP URI is used as SASL host, which just contains a local path in the LDAPI case.

The related Fedora issue is tracked in https://bugzilla.redhat.com/show_bug.cgi?id=960222 which also contains a patch for the issue https://bugzilla.redhat.com/attachment.cgi?id=744866 .