OUD11g - The GSSAPI Authentication to Directory Server is Not Working
Last updated on MARCH 16, 2018
Applies to:Oracle Unified Directory - Version 22.214.171.124.1 to 126.96.36.199.180116 [Release 11g]
Information in this document applies to any platform.
While attempting to perform GSSAPI authentication to the Directory Server.
The next error is observed
$ ./ldapsearch -h <OUD_HOST> -p 1389 -o mech=GSSAPI -o authid=<user> -o authzid="<user_DN>" -b "" -s base "(objectClass=*)"
An error occurred while attempting to perform GSSAPI authentication to the Directory Server: PrivilegedActionException(AccessController.java:-2)
Result Code: 82 (Local Error)"
In the OUD access logs observing:
[17/Jan/2018:10:53:48 -0500] BIND REQ conn=1001 op=0 msgID=1 type=SASL mechanism=GSSAPI dn="" version=3
[17/Jan/2018:10:53:48 -0500] BIND RES conn=1001 op=0 msgID=1 result=7 message="Unable to process the bind request because it attempted to use an
unknown SASL mechanism GSSAPI that is not available in the Directory Server" etime=0
[17/Jan/2018:10:53:48 -0500] DISCONNECT conn=1001 reason="Client Disconnect"
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms