[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: "ldapsearch -I" doesn't give desired result .. got part 2 wor king

To: openldap-software@OpenLDAP.org
Subject: RE: "ldapsearch -I" doesn't give desired result .. got part 2 wor king
From: "Jankok, Lucio" <LJankok@getronics.nl>
Date: Mon, 8 Jan 2001 11:54:21 +0100
Sensitivity: Company-Confidential

2) I would like to know how I can make "ldapsearch -I -Y mechanism"
	     authenticate from the sasldb database. 

I got this working by including the following in /etc/openldap/slapd.conf;
sasl-host my.host.name
sasl-realm myrealm

now I need to solve item 1;

1) I would like to know how I can make "ldapsearch -I" to return
	    the supported sasl mechanism without having to explicitely
	    specify the mechanism.

cheers,

Lucio


-----Original Message-----
From: Jankok, Lucio 
Sent: Monday, January 08, 2001 10:37 AM
To: openldap-software@OpenLDAP.org
Subject: "ldapsearch -I" doesn't give desired result
Sensitivity: Confidential


Hi,

I have build openldap and run "make test" succesfully.
when running "make test" I see that the supported sasl-mechanism
are digest-md5 and cram-md5. 
after "make install" I started slapd with;
	"/usr/local/libexec/slapd -d 4 -h ldap://127.0.0.1";
when I do "ldapsearch -I" I will receive:
	ldap_sasl_interactive_bind_s: No such object". 
When I look at the debug output of slapd I will see;
	connection_get(9)
	SRCH "" 0 0   000
		filter: (objectClass=*)
		attrs: supportedSASLMechanisms
	send_ldap_result: 0::
	ber_flush: 14 bytes to sd 9
	connection_get(9)
If I try "ldapsearch -I -Y cram-md5 I will receive;
	SASL/CRAM-MD5 authentication started
	SASL Interaction
	Default: root
	Please enter your autherization name:
When I look at the debug output of slapd I will see;
	connection_get(9)
	==> sasl_bind: dn="" mech=CRAM-MD5 datalen=0
	ber_flush: 49 bytes to sd 9 
If I proceed and enter the autherization name and the password
I will get ;
	ldap_sasl_interactive_bind_s: Unknown error
	additional info: no secret in database
but sasldblistusers will show me the secrets for the username.
When I look at the debug output of slapd I will see;
	connection_get(9)
	==> sasl_bind: dn="" mech=<continuing> datalen=40
	send_ldap_result: 80::no secret in database
	ber_flush: 35 bytes to sd 9
	connection_get(9)

I have qmail-ldap working with cyrus-sasl but not completely, I would
like to get it working completely.

I have two questions; 
	1) I would like to know how I can make "ldapsearch -I" to return
	    the supported sasl mechanism without having to explicitely
	    specify the mechanism.
	2) I would like to know how I can make "ldapsearch -I -Y mechanism"
	     authenticate from the sasldb database. 

Kind Regards,

Lucio Jankok

Prev by Date: RE: "ldapsearch -I" doesn't give desired result .. Correction
Next by Date: Re: User friendly tool
Index(es):
- Chronological
- Thread