On Wed, Mar 25, 2009 at 06:24:45PM +0100, Marco Ghidinelli wrote:
On 03/25/2009 03:46 PM, Guido Günther wrote:
i changed the line above, but with or without the change the result is the same:
Did you allow for non kerberos authentication in your configuration? You should can disable kerberos authentication completely for testing. Cheers,
hello guido, sorry for the delay. Same here.
i disabled the kerberos auth, and (with the verifyCredentials() forced to True) i can now login, and see the collection listing and properties. O.k. so we're sure the nss directory service works.
and now? Please reenable kerberos (and revert the always auth hack e.g. by doing "apt-get install --reinstall calendarserver), then Let's have a look at your configs and logs. You can send them in private mail if you don't want to post them to the list.
i reassume the kerberos situation:
$ kinit -k -t /etc/krb5.keytab http/muttley.domain.local@TURBODEN.LOCAL $ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: http/muttley.domain.local@DOMAIN.LOCAL
Valid starting Expires Service principal 03/25/09 18:21:15 03/26/09 04:21:17 krbtgt/DOMAIN.LOCAL@DOMAIN.LOCAL renew until 03/26/09 18:21:15 03/25/09 18:21:20 03/26/09 04:21:17 http/muttley.domain.local@DOMAIN.LOCAL renew until 03/26/09 18:21:15
Kerberos 4 ticket cache: /tmp/tkt1000 klist: You have no tickets cached
$ kvno http/muttley.turboden.local http/muttley.domain.local@DOMAIN.LOCAL: kvno = 6 There seems to be a mix of TURBODEN and DOMAIN here. Is that a c'n'p error? Cheers, -- Guido