I am using the ldapsearch tool with the -X and -Y options to do an LDAP query with SASL, and am running into a problem.
I first do the search without the -Y option so that I can find out what types of SASL mechanisms my LDAP server supports. I get back this list:
ldap_interactive_sasl_bind_s: server supports: GSSAPI GSS-SPNEGO
So I then run the ldapclient again, this time with "-Y GSS-SPNEGO" as one of my options:
ldapsearch -v -d 1 -h "my host" -p 389 -X "my authzid" -Y "GSS-SPNEGO" -W -D "my binddn" -P 3 "my filter"
The program runs and then gives this error:
ldap_sasl_interactive_bind_s: Unknown authentication method
I found out that the call to sasl_client_start is failing, thus causing the program to halt. But I don't know why it's failing, since I'm specifying an SASL mechanism that my server supports. I've tried other values in the -Y field as well, but all with the same results. Any ideas anyone?