Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO Kerberos on AIX 5.2 64-bit : snc/gssapi_lib not loaded

Former Member

‎03-16-2007 11:08 AM

0 Kudos

Hi,

I'm trying to install an SSO for SAP (AIX 5.2) using Windows AD-Kerberos for authentication.

Server AIX 5.2 64-bit + SAP

I first installed a Kerberos Client on AIX 5.2 (documentation :www.ibm.com/servers/aix/whitepapers/aix_kerberos2.pdf). Everything is ok..

Then I configured SAP using the document found on http://www.microsoft.com/technet/security/guidance/identitymanagement/idmanage/P3Intran_3.mspx

But I have an error by using snc/gssapi_lib = /usr/lib/security/KRB5A_64

Did you manage to use SNC on AIX 5.2 64-bit ??

Thanks for any answer,

Herve

      • ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_acquire_cred

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_release_cred

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_init_sec_context

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_accept_sec_context

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_delete_sec_context

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_context_time

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_display_status

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_indicate_mechs

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_compare_name

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_display_name

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_import_name

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_release_name

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_release_buffer

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_release_oid_set

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_inquire_cred

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_inquire_context

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_export_sec_context

N [sncxxdl.0717]*** ERROR => SncIResolveFunctions(): Unresolved GSS-API call: gss_import_sec_context

N [sncxxdl.0717]*** ERROR => SncPDLInit()==SNCERR_INIT, Adapter (#0) /usr/lib/security/KRB5A_64 not loaded

N [sncxxdl.0613]<<- SncInit()==SNCERR_INIT

N sec_avail = "false"

M ***LOG R19=> ThSncInit, SncInit ( SNC-000001) [thxxsnc.c 219]

M *** ERROR => ThSncInit: SncInit (SNCERR_INIT) [thxxsnc.c 221]

M in_ThErrHandle: 1

M *** ERROR => SncInit (step 1, th_errno 44, action 3) [thxxhead.c 8267]

1 REPLY 1

tim_alsop
Active Contributor

‎03-16-2007 11:25 AM

0 Kudos

Leon,

The AIX library you have installed (/usr/lib/security/KRB5A) is not a GSS-API library, and this is why SAP SNC does not find the function entry points it is expecting. In order to use SNC with Kerberos on AIX you need to purchase a SAP SNC certified GSS-API library which is available on AIX 5L. There are many posts on SDN security forum which discuss this same issue, so I suggest you look in SDN first, and if you are still not able to find what you are looking for let me know, either via this forum or privately, and I will point you in the right direction.

Regards,

Tim