[Date Prev][Date Next]
Active Directory returns "GSSAPI" and "GSS-SPNEGO"
as its only supported sasl_mechanisms. Your error
message looks like sasl does not support GSSAPI.
To use GSSAPI you must install
kerberos and re-build sasl & openldap.
You might also try using the "-x" argument to ldapsearch,
which will force it to "Use simple authentication instead of SASL."
However, your username and password will be visible in the
IP packets going to ActiveDirectory....not a good thing.
An alternative to kerberos would be to use an "ldaps" connection
to active directory (port 636)...This is a TLS (i.e. the new SSL)
connection, so your username and password are safe from prying
From: Carl Johannes Stoltenberg [mailto:firstname.lastname@example.org]
Sent: Wednesday, April 16, 2003 6:28 AM
I read a lot about LDAP and searched the mailing lists....but... I'm trying
to make a ldapsearch from Linux to a W2K server. It comes back with
ldap_sasl_interactive_bind_s: Unknown authentication method (86)
Any Ideas ?
Live long and prosper
Carl Johannes Stoltenberg
UNICEF bittet um Spenden für die Kinder im Irak! Hier online an UNICEF