My Oracle Support Banner

OUD 11.1.2.3.1 When configuring OUD with dsconfig to configure Kerberos the following error is seen. [LDAP: error code 53 - Entry cn=GSSAPI,cn=SASL Mechanisms,cn=config (Doc ID 2370972.1)

Last updated on MARCH 18, 2018

Applies to:

Oracle Unified Directory - Version 11.1.2.3.1 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.2.3.1 version, Authentication.

When configuring Kerberos with dsconfig the following error may be seen.


$ ./dsconfig -X -n -p 4444 -h myoudserver.example.com -D "cn=Directory Manager" -j /tmp/mypasswed set-sasl-mechanism-handler-prop --handler-name GSSAPI --set enabled:true --set keytab:/etc/krb5.keytab --set server-fqdn:myoudserver.example.com

The GSSAPI SASL Mechanism Handler could not be modified because of the
following reason:

   *  [LDAP: error code 53 - Entry cn=GSSAPI,cn=SASL Mechanisms,cn=config
      cannot be modified because one of the configuration change listeners
      registered for that entry rejected the change:  An error occurred while
      trying to initialize an instance of class
      org.opends.server.extensions.GSSAPISASLMechanismHandler as a SASL
      mechanism handler as defined in configuration entry cn=GSSAPI,cn=SASL
      Mechanisms,cn=config:  The configuration for the SASL mechanism handler
      defined in configuration entry cn=GSSAPI,cn=SASL Mechanisms,cn=config
      was not acceptable:  An error occurred while attempting to create the
      JAAS login context for GSSAPI authentication:  LoginException(ICMP Port
      Unreachable) (SASLConfigManager.java:431 SASLConfigManager.java:278
      SASLConfigManager.java:74
      ServerManagedObjectChangeListenerAdaptor.java:103
      ConfigChangeListenerAdaptor.java:424
      ConfigChangeListenerAdaptor.java:379 ConfigFileHandler.java:1756
      LocalBackendModifyOperation.java:713
      LocalBackendWorkflowElement.java:214 WorkflowImpl.java:365
      WorkflowTopologyNode.java:130 ModifyOperationBasis.java:619
      SynchronousStrategy.java:54 LDAPClientConnection.java:1307
      LDAPClientConnection.java:2308 LDAPClientConnection.java:1783
      LDAPRequestHandler.java:188)]


Changes

 Newly configured KDC Key Distribution Center.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.