[Date Prev][Date Next] [Chronological] [Thread] [Top]

GSSAPI SASL problems

To: "'openldap-software@OpenLDAP.org'" <openldap-software@OpenLDAP.org>
Subject: GSSAPI SASL problems
From: "Streib, Allan M" <astreib@indiana.edu>
Date: Sat, 2 Feb 2002 16:09:11 -0500

HI,

This one has me stumped.  I have built OpenLDAP 2.0.21 on two servers, with
identical configuration options.  Both servers are running RedHat Linux.

I am getting GSSAPI as a supprtedSASLMechanism on one server, and not the
other.  I've snipped some log output that I think is relevant (if more
context is needed, let me know).  You can see that in the second case (where
I get no result) there are no access checks for "supportedSASLMechanisms".
I have no ACLs defined in either case.

What does this mean?

Allan

===============================================================

conn=0 op=1 SRCH base="" scope=0 filter="(objectClass=*)"
=> test_filter
    PRESENT
=> access_allowed: search access to "" "objectClass" requested
=> access_allowed: backend default search access granted to ""
<= test_filter 6
=> send_search_entry: ""
=> access_allowed: read access to "" "entry" requested
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "" "supportedSASLMechanisms" requested
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "" "supportedSASLMechanisms" requested
=> access_allowed: backend default read access granted to ""
ber_flush: 48 bytes to sd 9
  0000:  30 2e 02 01 02 64 29 04  00 30 25 30 23 04 17 73   0....d)..0%0#..s

  0010:  75 70 70 6f 72 74 65 64  53 41 53 4c 4d 65 63 68   upportedSASLMech

  0020:  61 6e 69 73 6d 73 31 08  04 06 47 53 53 41 50 49   anisms1...GSSAPI

ldap_write: want=48, written=48
  0000:  30 2e 02 01 02 64 29 04  00 30 25 30 23 04 17 73   0....d)..0%0#..s

  0010:  75 70 70 6f 72 74 65 64  53 41 53 4c 4d 65 63 68   upportedSASLMech

  0020:  61 6e 69 73 6d 73 31 08  04 06 47 53 53 41 50 49   anisms1...GSSAPI

conn=0 op=1 ENTRY dn=""
<= send_search_entry
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: 0::
send_ldap_response: msgid=2 tag=101 err=0

=========================================================

conn=0 op=1 SRCH base="" scope=0 filter="(objectClass=*)"
daemon: select: listen=6 active_threads=1 tvp=NULL
=> test_filter
    PRESENT
=> access_allowed: search access to "" "objectClass" requested
=> access_allowed: backend default search access granted to ""
<= test_filter 6
=> send_search_entry: ""
=> access_allowed: read access to "" "entry" requested
=> access_allowed: backend default read access granted to ""
ber_flush: 11 bytes to sd 9
  0000:  30 09 02 01 02 64 04 04  00 30 00                  0....d...0.

ldap_write: want=11, written=11
  0000:  30 09 02 01 02 64 04 04  00 30 00                  0....d...0.

conn=0 op=1 ENTRY dn=""
<= send_search_entry
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: 0::
send_ldap_response: msgid=2 tag=101 err=0

Follow-Ups:
- Re: GSSAPI SASL problems
  - From: Norbert Klasen <norbert.klasen@daasi.de>

Prev by Date: unregister
Next by Date: unsuscribe
Index(es):
- Chronological
- Thread