[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: No such attribute using SASL

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: No such attribute using SASL
From: "Joseph A. Martin" <martinja@ice-works.com>
Date: Thu, 14 Sep 2000 21:05:38 -0400
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <5.0.0.25.0.20000914093952.00a47140@router.boolean.net>; from Kurt@OpenLDAP.org on Thu, Sep 14, 2000 at 09:50:25AM -0700
References: <20000914101854.A1318@thor.ice-dev.com> <5.0.0.25.0.20000914093952.00a47140@router.boolean.net>
User-agent: Mutt/1.2.5i

On Thu, 14 Sep 2000, Kurt D. Zeilenga wrote:

> At 10:18 AM 9/14/00 -0400, Joseph A. Martin wrote:
> >I have OpenLDAP 2.0.1 installed and running now. I also have the Cyrus
> >SASL libraries installed. I have some dummy entries in the database
> >and when I run `ldapsearch -x` they are printed out. When I run a
> >simple `ldapsearch` I receive the following message:
> >
> >ldap_sasl_interactive_bind_s: No such attribute
> 
> This implies that supportedSASLMechanisms attribute is not available
> in the Root DSE.  You should be able to use
>         ldapsearch -x -b "" -s base supportedSASLMechanisms
> to see what is (or isn't) listed.

I begin to stumble towards understanding...

I ran that command and found that nothing was listed. Hhm.

I read the slapd.conf man page and found reference to a few SASL
options. I put the following two lines in my slapd.conf file:

sasl-realm "LATER.DUDE"
sasl-secprops none

After adding the lines I restarted slapd and ran the search again.
This time I got the following result:

version: 2

#
# filter: (objectclass=*)
# requesting: supportedSASLMechanisms 
#

#
dn:
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: ANONYMOUS

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

When I run just `ldapsearch` again I get the following:

ldap_sasl_interactive_bind_s: Unknown authentication method

I assume this is because I don't have any strong authentication setup.
Or maybe not. I'm still figuring all this out. I think I still have
some bugs to work out of my SASL configuration. For instance if I
make any changes at all to the aforementioned slapd.conf options the
SASL mechanisms dissappear again.

Still, just wanted to let you know that I am experimenting and
learning. Thanks for your e-mail. Are there any another slapd config
options I need to know about or apply? Is the behavior I am seeing
normal?

thanks,
later,
joseph
-- 
the "LaterDude" @ (martinja@ice-works.com || ICQ #52640402)
http://www.ice-works.com/personal/LaterDude/index.html 

All opinions expressed are my own and not necessarily those of
my employer unless otherwise noted.

References:
- No such attribute using SASL
  - From: "Joseph A. Martin" <martinja@ice-works.com>
- Re: No such attribute using SASL
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: dn and utf8 encoding
Next by Date: replica & TLS/SSL (fwd)
Index(es):
- Chronological
- Thread