[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?

On 1/13/20 9:16 PM, Peter Sui wrote:
> I'm trying to test SASL EXTERNAL to an AD server, which saying support
> EXTERNAL.
> the command I ran is:
> ldapwhoami -H ldap://example.com:389 <http://example.com:389> -YEXTERNAL
> but it returned: 
> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
>  additional info: SASL(-4): no mechanism available: 
> what does this error message mean?

It means that SASL mechanism EXTERNAL cannot work in that context.

SASL/EXTERNAL uses whatever suitable authentication information is
available at transport layer: Either the Unix peer credentials in case
of ldapi:// or TLS client certs.

If you're not using one of the above SASL/EXTERNAL cannot work

Ciao, Michael.