[Date Prev][Date Next]
Re: ldapsearch and sasl
"James Wilde" <email@example.com> writes:
> I can run both:
> ldapsearch -x -b dc=glocalnet,dc=net -D cn=Manager,dc=glocalnet,dc=net
this is a anonymous bind as you don't specify a password
> ldapsearch -b dc=glocalnet,dc=net -U Manager@glocalnet.net
this is a strong bind with a sasl mechanism.
> and get a full listing from the ldap directory.
> However, I cannot run:
> ldapsearch -b dc=glocalnet,dc=net -D cn=Manager,dc=glocalnet,dc=net
> When I try, I get the following error message:
> SASL/DIGEST-MD5 authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Internal (implementation specific) error
> additional info: SASL(-13): user not found: no secret in
With option -D you define a distinguished name, thus you have to initiate a
simple bind with option -x and a password option -W or -w, see man
ldapsearch(1) for more information.
> I have the following lines in slapd.conf:
> sasl_pwcheck_method: saslauthd
this is not a configuration parameter in /etc/openldap/slapd.conf.
> I'm sure this worked before. Is there something I'm missing?
Dieter Klünter | Systemberatung
GPG Key ID:01443B53