Hi all,
I'm new to this so forgive me for any stupid questions/assumptions or if I miss anything out. :)
I'm trying to set up a Krb5 authenticated OpenLDAP server, mainly for educational purposes, so I've been trying to merge together various guides on the internet to a working setup. Unfortunately, I'm now getting the following error:
cameron@gimli:~$ ldapsearch
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
No additional information or anything. ldapsearch -x works as expected.
My setup is currently all on one system: Ubuntu Server 8.10, slapd/ldap-utils 2.4.11, MIT krb5-kdc 1.6.
This is my config file (slapd.d format):
root@gimli:~# cat /etc/ldap/slapd.d/cn=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
olcTLSCACertificateFile: /etc/ldap/ssl/server.pem
olcTLSCertificateFile: /etc/ldap/ssl/server.pem
olcTLSCertificateKeyFile: /etc/ldap/ssl/server.pem
olcTLSVerifyClient: allow
olcSaslRealm: LOCAL
olcSaslHost: ldap.local
structuralObjectClass: olcGlobal
entryUUID: ccd3335c-5da4-102d-9155-ed2c61020a96
creatorsName: cn=config
createTimestamp: 20081213210021Z
entryCSN: 20081213210021.939004Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20081213210021Z
I'm using ldaps://ldap.local as the service URL, and that all seems to be working okay as indicated by the simple authentication. ldap.local has an entry in the DNS server.
Any ideas on where I can go from here?
Thanks,
Cameron Harris