[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ldapsearch

Active Directory returns "GSSAPI" and "GSS-SPNEGO"
as its only supported sasl_mechanisms.  Your error
message looks like sasl does not support GSSAPI.

To use GSSAPI you must install
kerberos and re-build sasl & openldap.

You might also try using the "-x" argument to ldapsearch,
which will force it to "Use simple authentication instead of SASL."

However, your username and password will be visible in the 
IP packets going to ActiveDirectory....not a good thing.

An alternative to kerberos would be to use an "ldaps" connection
to active directory (port 636)...This is a TLS (i.e. the new SSL)
connection, so your username and password are safe from prying 


-----Original Message-----
From: Carl Johannes Stoltenberg [mailto:carl.johannes@stoltenberg.ch] 
Sent: Wednesday, April 16, 2003 6:28 AM
To: openldap-software@OpenLDAP.org
Subject: ldapsearch

Hi list,

I read a lot about LDAP and searched the mailing lists....but... I'm trying
to make a ldapsearch from  Linux to a W2K server. It comes back with

ldap_sasl_interactive_bind_s: Unknown authentication method (86)

Any Ideas ?

The Newbie

Live long and prosper

Carl Johannes Stoltenberg
UNICEF bittet um Spenden für die Kinder im Irak! Hier online an UNICEF
spenden: https://spenden.web.de/unicef/special/?mc=021101