[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
"ldapsearch -I" doesn't give desired result
Hi,
I have build openldap and run "make test" succesfully.
when running "make test" I see that the supported sasl-mechanism
are digest-md5 and cram-md5.
after "make install" I started slapd with;
"/usr/local/libexec/slapd -d 4 -h ldap://127.0.0.1"
when I do "ldapsearch -I" I will receive:
ldap_sasl_interactive_bind_s: No such object".
When I look at the debug output of slapd I will see;
connection_get(9)
SRCH "" 0 0 000
filter: (objectClass=*)
attrs: supportedSASLMechanisms
send_ldap_result: 0::
ber_flush: 14 bytes to sd 9
connection_get(9)
If I try "ldapsearch -I -Y cram-md5 I will receive;
SASL/CRAM-MD5 authentication started
SASL Interaction
Default: root
Please enter your autherization name:
When I look at the debug output of slapd I will see;
connection_get(9)
==> sasl_bind: dn="" mech=CRAM-MD5 datalen=0
ber_flush: 49 bytes to sd 9
If I proceed and enter the autherization name and the password
I will get ;
ldap_sasl_interactive_bind_s: Unknown error
additional info: no secret in database
but sasldblistusers will show me the secrets for the username.
When I look at the debug output of slapd I will see;
connection_get(9)
==> sasl_bind: dn="" mech=<continuing> datalen=40
send_ldap_result: 80::no secret in database
ber_flush: 35 bytes to sd 9
connection_get(9)
I have qmail-ldap working with cyrus-sasl but not completely, I would
like to get it working completely.
I have two questions;
1) I would like to know how I can make "ldapsearch -I" to return
the supported sasl mechanism without having to explicitely
specify the mechanism.
2) I would like to know how I can make "ldapsearch -I -Y mechanism"
authenticate from the sasldb database.
Kind Regards,
Lucio Jankok