[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting SASL working



Have you gotten the Cyrus SASL sample client/server working yet?
using LDAP principals?   If not, see the Cyrus SASL docs.

Kurt

At 11:08 AM 12/30/2004, Jonathan Reeder wrote:
>I've got a working OpenLDAP 2.2 running, and I can use simple binds to both modify and query the directory.  However, I'm getting an error when I try to bind with SASL.  The error is:
> 
># ldapsearch -b "dc=mydomain,dc=com" "(objectclass=*)"
>ldap_sasl_interactive_bind_s: No such object
> 
>I have an ldap-readable keytab with a single principle - <mailto:ldap/fqdn@MYREALM.COM>ldap/fqdn@MYREALM.COM and I've defined KRB5_KTNAME in my environment.  I also have my rootdn set up to be "uid=ldapadmin,cn=gssapi,cn=auth".  I can kinint ldapadmin, receive the ticket, but then I get that "No such object" error when I try to run an ldapsearch.
> 
>Any pointers?  Thanks a bunch.
> 
>Jonathan Reeder