SingleStore LDAP Authentication Errors

Hi Folks,
I followed help article to enable and sync up AD group in my test of environment. The tool got configured and ran successfully. It pulled up all the users and then created them on destination SingleStore cluster. I can see user are created with GSSAPI. I however have problem getting a user authenticated. When I tried to login using AD creds this is What I get any help ?

ERROR 1105 (HY000): Client GSSAPI error (major 851968, minor 0) : gss_init_sec_context - Unspecified GSS failure. Minor code may provide more information.

adrshen

Hi adrshen!
Sorry you are experiencing this error.
We’re happy to help.
What service are you running; managed or self-hosted? what version number?

We are running on premises SingleStore version 7.8.8. We recently upgraded SingleStore tooling and trying to configure AD Auth for dev cluster to grant team members permissions.
Also We have SingleStore studio running version : 4.0.7.

Thanks in advance for help !
ADrshen

1 Like

Thanks for the details Adrshen! This has been escalated internally and hope to have an update for you soon. Thanks for your patience.

Hi there,

This error is displayed because the SingleStore DB is unable to generate a Kerberos ticket due to some issue.
To get what is going on you can use the following command to generate a ticket using the Service Account. This command must generate a ticket.

sudo -u memsql kinit -kt {locationForKDCConfiguredInS2} -S HTTP/memsql.s2.local HTTP/memsql.s2.local@S2.LOCAL 

Please replace the values with the ones from your environment.

-S is the servicePrincipalName of the account
the last parameter is the userPrincipalName