[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: still "more results to return"


dennis <dennis@utiba.com> writes:

> Hi all,
> I am running RHEL 3ES (2.4.21-9.EL), openldap-2.1.25, cyrus-sasl-2.1.17.
> I have searched everywhere, broken and fixed sasl, read the howto's,
> followed the directions.  I still get "ldap_sasl_interactive_bind_s:
> More results to return" every time I try a DIGEST-MD5 connection to my
> ldap server.  If I use -x everything is fine.
> When I do this from the http://www.tldp.org/HOWTO/LDAP-HOWTO/sasl.html
> doco, ldapsearch -U admin@rdnt03 -b 'o=Ever' '(objectclass=*)' (changing
> attributes to match my ldap server) I get this result:
> "ldap_sasl_interactive_bind_s: No such object"
> When I do this: ldapsearch -U admin@doc1.cpc.net.au -b "dc=cpc"
> '(objectclass=*)' -Y DIGEST-MD5
> I get this result:
> SASL/DIGEST-MD5 authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: More results to return
> Does anyone know what this means?  Is this the expected result of
> properly configured ldap and sasl server?

It's probabely your sasl setup. when entering a user to sasldb, did you
pass the realm flag and a sasl realm? Did you configure a sasl-realm
in slapd.conf?
You should try an authentication without realm, that is
ldapsearch -U admin -Y DIGEST-MD5


Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de