openldap-sasl fails after 8.1 upgrade
reko.turja at liukuma.net
Wed Aug 25 19:34:32 UTC 2010
Sadly the GSSAPI/Kerberos has been broken in 8.x for a good while now.
You can either install the heimdal or MIT port, although getting that
to work in stead of the base can be messy.
kern/147454 PR actually has a working fix, although I'm not sure if it
applies cleanly as it's pretty big - I managed to get working GSSAPI
with it on 8.1 PRERELEASE.
See also discussion at
From: "LeonMeßner" <l.messner at physik.tu-berlin.de>
Sent: Wednesday, August 25, 2010 7:04 PM
To: <freebsd-questions at freebsd.org>
Subject: openldap-sasl fails after 8.1 upgrade
> after binary upgrading to freebsd8.1 from 7.2 i encounter an error
> with openldap24, cyrus-sasl2 and kerberos:
> # ldapsearch uid=whatever
> SASL/GSSAPI authentication started
> ldap_sasl_interactive_bind_s: Other (e.g., implementation specific)
> error (80)
> additional info: SASL(-1): generic failure: GSSAPI Error: No
> credentials were supplied, or the credentials were unavailable or
> inaccessible. (unknown mech-code 0 for mech unknown)
> Simple binding to the ldap server does work. The KDC behind this is
> still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported
> Problems with such a setup, but as i can login through ssh and
> i suppose these  don't apply here (also already tested the
> If anybody got any insight please share.
> Thanks in Advance,
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions