Hi, system: SuSE-9.2-x86_64, Kernel 2.6.8-24.11 hardware: asus A8V DELUXE, S-ATA Samsung SP0812C memory: 2x512 MB Infineon locale: DE_UTF-8 hosts: rubin with amd64, marin with x386 I experience a strange resolver problem with OpenLDAP and I'm not sure, wether this is a x86_64 issue or an OpenLDAP issue. Just to demonstrate the problem ,----[ with domain name] | dieter@rubin:~> ldapsearch -H ldap://marin.l4b.de -b "ou=adressbuch,o=avci,c=de" -s one sn=blei -x | ldap_bind: Can't contact LDAP server (-1) `---- ,----[ with network address ] | dieter@rubin:~> ldapsearch -H ldap://192.168.100.95 -b "ou=adressbuch,o=avci,c=de" -s one sn=blei -x | # extended LDIF | # | # LDAPv3 | # base <ou=adressbuch,o=avci,c=de> with scope one | # filter: sn=blei | # requesting: ALL | [...] `---- I cannot authenticate with kerberos GSSAPI from this host to any other ldap server in my network, but OpenSSH and GSSAPI works flawless. On the other side, a simple bind works with remote clients ,----[ simple bind from remote host ] | dieter@marin:~> ldapsearch -H ldap://rubin.l4b.de -b ou=adressbuch,o=avci,c=de -s one sn=blei -x | # extended LDIF | # | # LDAPv3 | # base <ou=adressbuch,o=avci,c=de> with scope one `---- but a gssapi bind fails dieter@marin:~> ldapsearch -H ldap://rubin.l4b.de -b ou=adressbuch,o=avci,c=de -s one sn=blei -Y gssapi SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) Following the last lines of strace ,----[ strace log ] | endto(0, "\355I\1\0\0\1\0\0\0\0\0\0\5rubin\3l4b\2de\0\0\1\0\1", 30, 0, NULL, 0) = -1 ENOTSOCK (Socket operation on non-socket) | sendto(0, "\355I\1\0\0\1\0\0\0\0\0\0\5rubin\3l4b\2de\0\0\1\0\1", 30, 0, NULL, 0) = -1 ENOTSOCK (Socket operation on non-socket) | brk(0x547000) = 0x547000 | open("/etc/hosts", O_RDONLY) = 4 | fcntl(4, F_SETFD, FD_CLOEXEC) = 0 | fstat(4, {st_mode=S_IFREG|0644, st_size=682, ...}) = 0 | mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2a96f4a000 | read(4, "#\n# hosts This file desc"..., 4096) = 682 | read(4, "", 4096) = 0 | lseek(4, 0, SEEK_SET) = 0 | read(4, "#\n# hosts This file desc"..., 4096) = 682 | close(4) = 0 | munmap(0x2a96f4a000, 4096) = 0 | stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=25, ...}) = 0 | close(0) = 0 | close(0) = -1 EBADF (Bad file descriptor) | --- SIGSEGV (Segmentation fault) @ 0 (0) --- | +++ killed by SIGSEGV +++ `---- The file /etc/resolv.conf is not corrupted or latin-1 encoded ,----[ output of file ] | dieter@rubin:/etc> file resolv.conf | resolv.conf: ASCII text, with no line terminators `---- Just to avoid kerberos configuration discussions, the file /etc/krb5.keytab is readable and service principals have been created for ldap and the keys have been exported to keytab. Any hints? -Dieter -- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:01443B53