Hi Michele, On 02/19/2013 11:31 AM, Michele wrote:
Ok I've tried that and my AD server supports all mechanism you listed above. The problem is that I'm compiling a client application and I'd like to use GSSAPI mechanism, but when I compile OpenLDAP I'm not sure if it is compiling also the GSSAPI stuff.
It should include it if you have the cyrus-sasl-devel RPM installed and assuming the client has the proper Makefile stuff to include it and link to it. You can verify the client binary with the ldd command. Example output:
$ ldd /usr/local/bin/ldapsearch | egrep -i 'sasl|gssapi' libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00000031fac00000) libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 > Also when I try to connect my
client to my AD server it says that no mechanism are available. Thanks
I don't know much about AD but supporting a mechanism and actually offering may be two different things. Is GSSAPI actually enabled?
On the client side make sure that you have the cyrus-sasl-gssapi and krb5-libs RPMs installed.
Regards, Patrick