Cyrus SASL lib and MIT kerberos installed.
But testing w/ negotiation between sample-server and sample-client failed:
run "./sample-server -s ldap -p ../plugins/.libs" gives me
Quote:
Generating client mechanism list...
Sending list of 7 mechanism(s)
S: Q1JBTS1NRDUgUExBSU4gR1NTQVBJIERJR0VTVC1NRDUgTE9HSU4gT1RQIEFOT05ZTU9VUw==
Waiting for client mechanism...
|
run "./sample-client -s ldap -n host.company.com -u user -p ../plugins/.libs" gives me
Quote:
service=ldap
Waiting for mechanism list from server...
|
where "ldap" and "user" is in kerberos and "kinit user" succeeds and kerberos should work (can be used for login with pam_krb5) and keys are extracted to krb5.keytab.
Then, after copy the whole line from "S:" to client, client script quit and complains the following:
Quote:
lt-sample-client: Decoding data from base64: bad protocol / cancel
|
In fact, the same error message is shown no matter if a "kinit" is issued previously or no "-s", "-p", "-n", or "-u" used for sample-server and sample-client at all.
or maybe the line starting w/ "S:" was not correctly copied and pasted to the client side? I tried to copy and paste until the last "=" sign but the client just sit there and did nothing. So, I guess the client should wait for some terminating char(s). Then I tried to hit "Enter" but that gave me the same error...
So, what might cause this problem? Could be configuration option like mit kerberos gssapi lib path or something?
Thanks!