[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to check if slapd is TLS/SASL aware?

Quoting Tomas Maly (malyprogservices@flashmail.com):
> ldapsearch -b "" -s one supportedSASLMechanisms
> That should tell you what SASL modules are enabled. If slapd is TLS enabled,
> you can pass the '-ZZ' parameter to authenticate and as long as is doesn't
> print out an error code, it works.

That command give me the following:

% ldapsearch  -b "" -s one supportedSASLMechanisms
ldap_sasl_interactive_bind_s: No such attribute

Throwing in a "-x", I get this:

% ldapsearch -x -b "" -s one supportedSASLMechanisms
version: 2

# filter: (objectclass=*)
# requesting: supportedSASLMechanisms 

# search result
search: 2
result: 32 No such object

# numResponses: 1

So, I am a little confused. First attempt says it cannot bind using sasl, second
attempt using simple auth works, but does not list and SASL Mechanisms. BUT if
that is the case how come I get the ldap_sasl error in the first place?

Bob Tanner <tanner@real-time.com>       | Phone : (952)943-8700
http://www.mn-linux.org                 | Fax   : (952)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9