Bind Errors Occur When Using SASL/GSSAPI Authentication Between Replicas
Issue
- The following error is returned by a supplier replica while attempting to update or initialize a consumer replica via SASL/GSSAPI authentication (Kerberos):
[21/Mar/2012:12:42:39 -0700] slapd_ldap_sasl_interactive_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: error 49 (Invalid credentials) (SASL(-14): authorization failure: )
[21/Mar/2012:12:42:39 -0700] slapi_ldap_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: error 49 (Invalid credentials)
Environment
- Red Hat Directory Server
- Replication agreements configured to use SASL authentication (Kerberos)
- SASL mapping that specifies the Kerberos realm in the principal name.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.