Re: Problems access MS Active Directory from OpenLDAP 2.1.2

[Anthony Brock <abrock@georgefox.edu>]

At 08:55 AM 7/10/2002 -0700, Frank.Swasey@uvm.edu wrote:
> Be clear... you have asked for (-x) "Use simple authentication instead
> of SASL" and (-I) "Enable SASL Interactive mode."  --- of course they're
> incompatible....  But it has nothing to do with Kerberos at all.

To be clear, I realize the problem with using both flags. The individual I 
was responding to offered a suggestion, and I was attempting to respond in 
a polite and appreciative manner. I am always happy to see responses to my 
questions, even when I know that the suggested solution will not work.

> Why are you trying to use GSSAPI (in your original post) and simple
> binding now and always requesting Interactive SASL???  Try it without
> the -I.
>
> I think you should also read the ldapsearch manpage and the howto at
> http://www.bayour.com/LDAPv3-HOWTO.html -- just my !HO.

I have. I spent several months pouring over this guide, the manpages and 
the mailing list archives earlier this spring for another project. In fact, 
the commands I originally posted with were developed from this guide... I 
posted my message after spending 5 hours browsing and searching the mailing 
list archive for this specific problem. Unfortunately, any search for 
"sasl;Local;error" results in an enormous amount of messages... several of 
which I posted earlier this spring.

Thank you to the pointer to the HOWTO. It never hurts to have it mentioned 
in the archives!

Tony


******************************************************************************
* Anthony Brock                                         abrock@georgefox.edu *
* Director of Network Services                         George Fox University *
******************************************************************************