OUD11g - The GSSAPI Authentication to Directory Server is Not Working
Last updated on MARCH 16, 2018
Applies to:
Oracle Unified Directory - Version 11.1.2.3.1 to 11.1.2.3.180116 [Release 11g]Information in this document applies to any platform.
Symptoms
While attempting to perform GSSAPI authentication to the Directory Server.
The next error is observed
$ ./ldapsearch -h <OUD_HOST> -p 1389 -o mech=GSSAPI -o authid=<user> -o authzid="<user_DN>" -b "" -s base "(objectClass=*)"
An error occurred while attempting to perform GSSAPI authentication to the Directory Server: PrivilegedActionException(AccessController.java:-2)
Result Code: 82 (Local Error)"
In the OUD access logs observing:
[17/Jan/2018:10:53:47 -0500] CONNECT conn=1001 from=xxxx:58786 to=xxxx:1389 protocol=LDAP
[17/Jan/2018:10:53:48 -0500] BIND REQ conn=1001 op=0 msgID=1 type=SASL mechanism=GSSAPI dn="" version=3
[17/Jan/2018:10:53:48 -0500] BIND RES conn=1001 op=0 msgID=1 result=7 message="Unable to process the bind request because it attempted to use an
unknown SASL mechanism GSSAPI that is not available in the Directory Server" etime=0
[17/Jan/2018:10:53:48 -0500] DISCONNECT conn=1001 reason="Client Disconnect"
[17/Jan/2018:10:53:48 -0500] BIND REQ conn=1001 op=0 msgID=1 type=SASL mechanism=GSSAPI dn="" version=3
[17/Jan/2018:10:53:48 -0500] BIND RES conn=1001 op=0 msgID=1 result=7 message="Unable to process the bind request because it attempted to use an
unknown SASL mechanism GSSAPI that is not available in the Directory Server" etime=0
[17/Jan/2018:10:53:48 -0500] DISCONNECT conn=1001 reason="Client Disconnect"
Cause
Sign In with your My Oracle Support account |
|
Don't have a My Oracle Support account? Click to get started |
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms