My Oracle Support Banner

OUD 11g - Error Received when Configuring Kerberos Using 'dsconfig' of: "LDAP: error code 53 - Entry cn=GSSAPI,cn=SASL Mechanisms,cn=config" (Doc ID 2370972.1)

Last updated on SEPTEMBER 07, 2020

Applies to:

Oracle Unified Directory - Version 11.1.2.3.1 and later
Information in this document applies to any platform.

Symptoms

OUD Authentication.

When configuring Kerberos with dsconfig the following error may be seen.


$ ./dsconfig -X -n -p <ADMIN_PORT> -h <HOSTNAME> -D "cn=<DS_ADMIN>" -j <PWD_FILE> set-sasl-mechanism-handler-prop --handler-name GSSAPI --set enabled:true --set keytab:/etc/krb5.keytab --set server-fqdn:<HOSTNAME>

The GSSAPI SASL Mechanism Handler could not be modified because of the
following reason:

   *  [LDAP: error code 53 - Entry cn=GSSAPI,cn=SASL Mechanisms,cn=config
      cannot be modified because one of the configuration change listeners
      registered for that entry rejected the change:  An error occurred while
      trying to initialize an instance of class
      org.opends.server.extensions.GSSAPISASLMechanismHandler as a SASL
      mechanism handler as defined in configuration entry cn=GSSAPI,cn=SASL
      Mechanisms,cn=config:  The configuration for the SASL mechanism handler
      defined in configuration entry cn=GSSAPI,cn=SASL Mechanisms,cn=config
      was not acceptable:  An error occurred while attempting to create the
      JAAS login context for GSSAPI authentication:  LoginException(ICMP Port
      Unreachable) (SASLConfigManager.java:431 SASLConfigManager.java:278
      SASLConfigManager.java:74
      ServerManagedObjectChangeListenerAdaptor.java:103
      ConfigChangeListenerAdaptor.java:424
      ConfigChangeListenerAdaptor.java:379 ConfigFileHandler.java:1756
      LocalBackendModifyOperation.java:713
      LocalBackendWorkflowElement.java:214 WorkflowImpl.java:365
      WorkflowTopologyNode.java:130 ModifyOperationBasis.java:619
      SynchronousStrategy.java:54 LDAPClientConnection.java:1307
      LDAPClientConnection.java:2308 LDAPClientConnection.java:1783
      LDAPRequestHandler.java:188)]


Changes

 Newly configured KDC Key Distribution Center.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.