[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_sasl_interactive_bind_s: Unknown authentication method

To: Mike Schiraldi <raldi@research.netsol.com>
Subject: Re: ldap_sasl_interactive_bind_s: Unknown authentication method
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 17 Jan 2001 14:22:47 -0800
Cc: openldap-software@OpenLDAP.org
In-reply-to: <Pine.LNX.4.21.0101171641480.11861-100000@tron.admin.cto.ne tsol.com>

At 04:42 PM 1/17/01 -0500, Mike Schiraldi wrote:
>I'm having trouble getting ldapsearch (2.0.7) to work with a server here.

I note that 2.0 slapd needs some work for EXTERNAL to work
(TLS authid to ACL subject DN mapping).  HEAD has code which
needs testing.  But the client *should* work.

>Netscape's (perhaps non-standards-compliant) ldapsearch tool works.
>OpenLDAP's gives the error "ldap_sasl_interactive_bind_s: Unknown
>authentication method".
>
>Browsing through the list archives, i came across 
>http://www.openldap.org/lists/openldap-bugs/200010/msg00217.html
>which says, in part:
>
>> try ldapsearch -x -ZZ -s base -b "" supportedSASLMechanisms
>> 
>> If "EXTERNAL" is listed as a value, try:
>> 
>> ldapsearch -Y EXTERNAL -ZZ -s base -b "" supportedSASLMechanisms
>
>Well, sure enough, the first command gives
>"supportedSASLMechanisms: EXTERNAL"
>
>but the second gives "ldap_start_tls: Protocol error".

That's odd as there should be no difference in the two until
after the completion of the ldap_start_tls() call.  You might
try adding debugging options on the client side to determine
where their execution paths diverge.

Kurt

Prev by Date: ldap_sasl_interactive_bind_s: Unknown authentication method
Next by Date: Problem compiling 2.0.7 on redhat
Index(es):
- Chronological
- Thread