[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: krb5_verify_user_opt failed

To: heimdal-discuss@sics.se
Subject: Re: krb5_verify_user_opt failed
From: German Shorthair <germanshorthairpointer@gmail.com>
Date: Thu, 15 Sep 2005 17:19:30 -0400
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=mec5MStK9Tr+lRnRwR08W6RuG4ZPFcqumBcwS+ZnqLvltyj/RGGKOnXN5RZhskvJ4XCVMcwYCB/IX9YyErL09GUE9evYlxQAfc1+s1VAWd2TsY06rTWmK/oOqOo5eQM0L1cKhzQ1sR4Au1uHmD5Bg1wViMTWh4GEUHbAujQZyQw=
In-Reply-To: <20050915164400.GA1476@dsl092-173-085.wdc2.dsl.speakeasy.net>
References: <857b8f5605091419283d34f937@mail.gmail.com> <20050915164400.GA1476@dsl092-173-085.wdc2.dsl.speakeasy.net>
Reply-To: germanshorthairpointer@gmail.com
Sender: owner-heimdal-discuss@sics.se

I added the imap service and even ran testsaslauthd with host and ldap
as the service.  Here's the result:

Sep 15 17:07:55 ldap-1 saslauthd[30446]: do_auth         : auth
failure: [user=jdoe] [service=host] [realm=someschool.edu]
[mech=kerberos5] [reason=krb5_verify_user_opt failed]
Sep 15 17:08:01 ldap-1 saslauthd[30448]: do_auth         : auth
failure: [user=jdoe] [service=imap] [realm=someschool.edu]
[mech=kerberos5] [reason=krb5_verify_user_opt failed]
Sep 15 17:08:04 ldap-1 saslauthd[30450]: do_auth         : auth
failure: [user=jdoe] [service=ldap] [realm=someschool.edu
[mech=kerberos5] [reason=krb5_verify_user_opt failed]


On 9/15/05, Buck Huppmann <buckh@pobox.com> wrote:
> On Wed, Sep 14, 2005 at 10:28:13PM -0400, German Shorthair wrote:
> 
> > Sep  1 18:19:43 ldap-1 saslauthd[8633]: do_auth         : auth
> > failure: [user=jdoe] [service=imap] [realm=someschool.edu]
>                         ^^^^^^^^^^^^
>                         do you need a key for this in your keytab
>                         (and in your realm database), maybe?
> 
> --buck
> 
> > [root@ldap-1 saslauthd]# /usr/heimdal/sbin/ktutil list
> > FILE:/etc/krb5.keytab:
> >
> > Vno  Type                     Principal
> >  1  des-cbc-md5              ldap/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des-cbc-md4              ldap/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des-cbc-crc              ldap/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  aes256-cts-hmac-sha1-96  ldap/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des3-cbc-sha1            ldap/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  arcfour-hmac-md5         ldap/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des-cbc-md5              host/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des-cbc-md4              host/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des-cbc-crc              host/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  aes256-cts-hmac-sha1-96  host/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  des3-cbc-sha1            host/ldap-1.someschool.edu@SOMESCHOOL.EDU
> >  1  arcfour-hmac-md5         host/ldap-1.someschool.edu@SOMESCHOOL.EDU
>

Follow-Ups:
- Re: krb5_verify_user_opt failed
  - From: German Shorthair <germanshorthairpointer@gmail.com>

References:
- krb5_verify_user_opt failed
  - From: German Shorthair <germanshorthairpointer@gmail.com>
- Re: krb5_verify_user_opt failed
  - From: Buck Huppmann <buckh@pobox.com>

Prev by Date: Re: krb5_verify_user_opt failed
Next by Date: pkinit and krb5.conf [appdefaults] section
Prev by thread: Re: krb5_verify_user_opt failed
Next by thread: Re: krb5_verify_user_opt failed
Index(es):
- Date
- Thread