[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?

To: Dieter Klünter <dieter@dkluenter.de>, openldap-technical@openldap.org
Subject: Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Mon, 13 Jan 2020 13:09:05 -0800
Content-disposition: inline
Dkim-filter: OpenDKIM Filter v2.10.3 zmcc-2-mta-1.zmailcloud.com 4D387CEE48
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symas.com; s=37C7994C-28CA-11EA-A30F-68F90BB9D764; t=1578949747; bh=drE1GuxD8n9C4QiR2RUvDD6QyOON2ZFcP+9PbXefCfY=; h=Date:From:To:Message-ID:MIME-Version; b=O8/FOr0i/5bYROVjjkZ4mqYjRmnFYoZ2KfWybRdCbpRCJ+dDwegYwGsZUYjhtxlcL NADSgSguj6lx8swuUjCfDKBRmf7aysLExdVYloqBjyNDxsDOYLUGBCx+V2mzl167QZ jTBdcu62I+ym92VO9iYv9gn/4FOfQ22r0ZgCDnWSCZ9Qj7WJeLmKjKuAm93yogDWCr CJJw+ltqSWC9gw9mDgSLVatfcF4gl6MO3LVmVtB9OSHkeOWpTP6xDCM74e5MjR3GEe aoCEy4hdgWhp5RARABG5kg6lZxa7KJVnISf4YuM30fX64pY4ayL6MLRQuX5s0p+J9r yxiHwW1X55kAw==
In-reply-to: <20200113215737.5159ea27@pink.fritz.box>
References: <CAKVbK+p1Up9jxOk0hN=ihb7yf0QBbD_Xf0Y5=Db1u3Q98+j1Jg@mail.gmail.com> <b1ee15bb-8c55-1814-e5c2-4e601fff13a3@stroeder.com> <CAKVbK+r_EpDKakUe8zm1ZbC5Bz3BSMKW12CTc64FkdM7vpSG4A@mail.gmail.com> <20200113215737.5159ea27@pink.fritz.box>

--On Monday, January 13, 2020 9:57 PM +0100 Dieter Klünter<dieter@dkluenter.de> wrote:

If authz-regexp is set correctly, it should be:

ldapwhoami  -YEXTERNAL-H ldapi:///

They specifically said they were trying to talk to an AD server withSASL/EXTERNAL.


Last I checked:

a) AD does not run on Linux
b) AD does not support ldapi:/// since that requires a unix socket
c) AD does not support authz-regexp

Their only option would be for certificate authentication, which wouldrequire them to then get the appropriate certs issued from the ADadministrators, etc, and assuming the AD server actually is configured toallow cert authentication.


--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

References:
- what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?
  - From: Peter Sui <peters@qnext.com>
- Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?
  - From: Michael Ströder <michael@stroeder.com>
- Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?
  - From: Peter Sui <peters@qnext.com>
- Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?
  - From: Dieter Klünter <dieter@dkluenter.de>

Prev by Date: Re: what the error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" means?
Next by Date: RE: Question about OpenLDAP and rwm overlay
Index(es):
- Chronological
- Thread