[Date Prev][Date Next]
supportedSASLMechanisms -- not found?
How can I get OpenLDAP to use the SASL libraries for authentication?
I have OpenLDAP2.0.7, and ran configure with the following options:
./configure --prefix=/usr/local/openldap-1.2.11 \
I have Cyrus-SASL 1.5.24 installed. When I start the ldap server,
and execute ldapsearch -x -s base -b "" supportedSASLMechanisms
I get back:
# requesting supportedSASLMechanims
# search result
result: 0 success
How do I get OpenLDAP 2.0.7 to find/recognize SASL mechanisms?
From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Sent: Wednesday, January 17, 2001 4:23 PM
To: Mike Schiraldi
Subject: Re: ldap_sasl_interactive_bind_s: Unknown authentication method
At 04:42 PM 1/17/01 -0500, Mike Schiraldi wrote:
>I'm having trouble getting ldapsearch (2.0.7) to work with a server here.
I note that 2.0 slapd needs some work for EXTERNAL to work
(TLS authid to ACL subject DN mapping). HEAD has code which
needs testing. But the client *should* work.
>Netscape's (perhaps non-standards-compliant) ldapsearch tool works.
>OpenLDAP's gives the error "ldap_sasl_interactive_bind_s: Unknown
>Browsing through the list archives, i came across
>which says, in part:
>> try ldapsearch -x -ZZ -s base -b "" supportedSASLMechanisms
>> If "EXTERNAL" is listed as a value, try:
>> ldapsearch -Y EXTERNAL -ZZ -s base -b "" supportedSASLMechanisms
>Well, sure enough, the first command gives
>but the second gives "ldap_start_tls: Protocol error".
That's odd as there should be no difference in the two until
after the completion of the ldap_start_tls() call. You might
try adding debugging options on the client side to determine
where their execution paths diverge.