[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Got error while enabling SASL

Hello All,

After some more research into it and reading some more links:
http://www.linuxtopia.org/online_books/network_administration_guides/ldap_administration/sasl_SASL_Authentication.html
http://tldp.org/HOWTO/LDAP-HOWTO/sasl.html

I did some more steps like-
Step-1:
In the file slapd.conf i add following lines:
   password-hash   {CLEARTEXT}
   sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=db

And perform ldapsearch in different way:
ldapsearch -Y DIGEST-MD5 -U sasluser2 -b 'o=db'

But again got error as:
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
        additional info: SASL(-4): no mechanism available: No worthy mechs found

Please help in getting out of this issue.

Thanks and Regards,
Gaurav Gugnani

On Thu, Feb 2, 2012 at 11:36 AM, Gaurav Gugnani <gugnanigaurav@gmail.com> wrote:
Hello All,

I'm a new bie to LDAP and trying to enable SASL on the newly created user.

I read link at open ldap forum:
http://www.openldap.org/doc/admin24/sasl.html#DIGEST-MD5

and performed following steps:
Step-1: saslpasswd2 -c sasluser2
<asked for password>

Step-2: sasldblistusers2
sasluser2@test0.devcs: userPassword

add_sasl_accnt.ldif
----------------------------
# TEST Account for SASL:
dn: uid=sasluser2,ou=System,o=db
uid: sasluser2
ou: System
description: Special account for SASL Testing
userPassword: sasluser2
objectClass: account
objectClass: simpleSecurityObject


Step-3: ldapadd -x -D cn=Manager,o=db -W -f add_sasl_accnt.ldif

After performing these stpes, i tried to perform ldapsearch and landed up in getting error:

ldapsearch -U sasluser2 -b 'o=db' '(objectclass=*)'
ldap_sasl_interactive_bind_s: No such attribute (16)

ldapsearch -LLL -U sasluser2 -b 'o=db'
ldap_sasl_interactive_bind_s: No such attribute (16)

Kindly help.

Thanks and Regards,
Gaurav Gugnani