[CalendarServer-users] calendarserver on debian via nss and kerberos

Marco Ghidinelli marco.ghidinelli at turboden.net
Tue Mar 24 07:03:41 PDT 2009

On Mon, Mar 23, 2009 at 07:10:51AM +0100, Guido Günther wrote:
 > On Tue, Mar 03, 2009 at 12:27:45PM +0100, Marco Ghidinelli wrote:
 > > hello,
 > > anyone was able to use calendarserver on debian 5 with users from
 > > nssswitch and authentication via SPNEGO/Kerberos?
 > >
 > > I followed the README.Debian, but with no results.
 > To verify if NSS really works you can change:

 > in twistedcaldav/directory/nss.py. This will disable *all*
 > authentication but the first/lastValUid etc checks will still be in
 > place. Once this works we can try to work out why kerberos fails.

hello guido,

i changed the line above, but with or without the change the result is
the same:

i always get an
2009-03-24 14:33:46+0100 [-] [caldav-8008]  [NegotiateCredentialFactory]
'authGSSServerStep: Unspecified GSS failure.  Minor code may provide
more information(No error)'

so i changed the twistedcalendar/authkerb.py at about the line 231
to print the base64data associated to the failed request.

when i connect from internetexplorer i get an ntlm base64data,
when i connect from firefox (from a kerberos authenticated linux
machine) i get a long message, that i'll send you in a private mail.

thanks for the help!

More information about the calendarserver-users mailing list