Thanks for the info, but I will confess I find this surprising. The openldap packages made available yesterday are from SL6.1. They were published for everyone as a result of the ipa security advisory. IPA required a newer openldap than was available for SL6.0, but did not require the latest it seemed that this version, which has been in SL6.1 since its release, was the safest. When it was originally built, it was built against the older kerberos libraries as they were the newest available at the time, but if upstream kept their promise to keep a stable api it should still work as expected. Is it possible for you to test the openldap from 6.2 (in 6rolling http://ftp.scientificlinux.org/linux/scientific/6rolling/x86_64/os/repoview/letter_o.group.html) and see if the problem persists. Name : openldap Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:04:01 PM CDT Install Date: (not installed) Build Host: spacewalk.fnal.gov Group : System Environment/Daemons Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 771714 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:21:58 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. Name : openldap Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:03:51 PM CDT Install Date: (not installed) Build Host: sl6.fnal.gov Group : System Environment/Daemons Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 765934 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:22:01 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. Name : openldap-clients Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:03:51 PM CDT Install Date: (not installed) Build Host: sl6.fnal.gov Group : Applications/Internet Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 608763 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:22:01 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : LDAP client utilities Description : OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap-clients package contains the client programs needed for accessing and modifying OpenLDAP directories. Name : openldap-devel Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:04:01 PM CDT Install Date: (not installed) Build Host: spacewalk.fnal.gov Group : Development/Libraries Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 5046515 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:21:59 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : LDAP development libraries and header files Description : The openldap-devel package includes the development libraries and header files needed for compiling applications that use LDAP (Lightweight Directory Access Protocol) internals. LDAP is a set of protocols for enabling directory services over the Internet. Install this package only if you plan to develop or will need to compile customized LDAP clients. Name : openldap-devel Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:03:51 PM CDT Install Date: (not installed) Build Host: sl6.fnal.gov Group : Development/Libraries Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 5286745 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:22:01 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : LDAP development libraries and header files Description : The openldap-devel package includes the development libraries and header files needed for compiling applications that use LDAP (Lightweight Directory Access Protocol) internals. LDAP is a set of protocols for enabling directory services over the Internet. Install this package only if you plan to develop or will need to compile customized LDAP clients. Name : openldap-servers Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:03:51 PM CDT Install Date: (not installed) Build Host: sl6.fnal.gov Group : System Environment/Daemons Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 4541382 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:22:02 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : LDAP server Description : OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. This package contains the slapd server and related files. Name : openldap-servers-sql Relocations: (not relocatable) Version : 2.4.23 Vendor: Scientific Linux Release : 15.el6 Build Date: Wed 25 May 2011 12:03:51 PM CDT Install Date: (not installed) Build Host: sl6.fnal.gov Group : System Environment/Daemons Source RPM: openldap-2.4.23-15.el6.src.rpm Size : 289119 License: OpenLDAP Signature : DSA/SHA1, Wed 25 May 2011 02:22:02 PM CDT, Key ID b0b4183f192a7d7d Packager : Scientific Linux URL : http://www.openldap.org/ Summary : SQL support module for OpenLDAP server Description : OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. This package contains a loadable module which the slapd server can use to read data from an RDBMS. On 01/12/2012 06:49 AM, Jonathan G. Underwood wrote: > Further to this, I can confirm that downgrading openldap and > openldap-clients fixes this problem (to version 2.4.19-15). > > So, it looks to me like the new openldap packages have been linked > wrongly... > > Jonathan. > > > > On 12/01/12 12:42, Jonathan G. Underwood wrote: >> Hi, >> >> On my local SL 6.0 machines I am seeing that autofs is broken by the >> recent set of updated (probably the openldap update being responsible). >> Specifically, I am storing automount maps on an openldap server, and >> using kerberos authentication on the clients. Restarting the autofs >> service I see: >> >> Jan 12 12:34:36 mia automount[681]: open_lookup:90: cannot open lookup >> module ldap (/usr/lib64/autofs/lookup_ldap.so: undefined symbol: >> krb5_get_init_creds_keytab) >> >> Specific package versions: >> >> # rpm -qa | grep krb5 >> krb5-libs-1.9-22.el6_2.1.i686 >> krb5-debuginfo-1.9-22.el6_2.1.x86_64 >> krb5-appl-clients-1.0.1-7.el6_2.x86_64 >> krb5-auth-dialog-0.13-3.el6.x86_64 >> pam_krb5-2.3.11-1.el6.x86_64 >> krb5-workstation-1.9-22.el6_2.1.x86_64 >> krb5-pkinit-openssl-1.9-22.el6_2.1.x86_64 >> krb5-libs-1.9-22.el6_2.1.x86_64 >> >> # rpm -qa | grep autofs >> autofs-5.0.5-23.el6_0.1.x86_64 >> >> # rpm -qa | grep openldap >> openldap-clients-2.4.23-15.el6.x86_64 >> openldap-2.4.23-15.el6.i686 >> openldap-2.4.23-15.el6.x86_64 >> compat-openldap-2.3.43-2.el6.x86_64 >> >> >> Anyone else seeing this? >> >> Cheers, >> Jonathan. -- Pat Riehecky Scientific Linux Developer