My Oracle Support Banner

OUD 11g - Error Received when Configuring Kerberos Using 'dsconfig' of: "LDAP: error code 53 - Entry cn=GSSAPI,cn=SASL Mechanisms,cn=config" (Doc ID 2370972.1)

Last updated on SEPTEMBER 07, 2020

Applies to:

Oracle Unified Directory - Version and later
Information in this document applies to any platform.


OUD Authentication.

When configuring Kerberos with dsconfig the following error may be seen.

$ ./dsconfig -X -n -p <ADMIN_PORT> -h <HOSTNAME> -D "cn=<DS_ADMIN>" -j <PWD_FILE> set-sasl-mechanism-handler-prop --handler-name GSSAPI --set enabled:true --set keytab:/etc/krb5.keytab --set server-fqdn:<HOSTNAME>

The GSSAPI SASL Mechanism Handler could not be modified because of the
following reason:

   *  [LDAP: error code 53 - Entry cn=GSSAPI,cn=SASL Mechanisms,cn=config
      cannot be modified because one of the configuration change listeners
      registered for that entry rejected the change:  An error occurred while
      trying to initialize an instance of class
      org.opends.server.extensions.GSSAPISASLMechanismHandler as a SASL
      mechanism handler as defined in configuration entry cn=GSSAPI,cn=SASL
      Mechanisms,cn=config:  The configuration for the SASL mechanism handler
      defined in configuration entry cn=GSSAPI,cn=SASL Mechanisms,cn=config
      was not acceptable:  An error occurred while attempting to create the
      JAAS login context for GSSAPI authentication:  LoginException(ICMP Port
      Unreachable) (]


 Newly configured KDC Key Distribution Center.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.