[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_sasl_interactive_bind_s: Unknown authentication method



> That's odd as there should be no difference in the two until
> after the completion of the ldap_start_tls() call.  You might
> try adding debugging options on the client side to determine
> where their execution paths diverge.

On line 730 of ldapsearch.c, use_tls == 2 for 

ldapsearch -h <server> -Y EXTERNAL -ZZ -s base -b "" supportedSASLMechanisms

but use_tls == 0 for 

ldapsearch -h <server> -x -b "" -s base supportedSASLMechanisms

This is the area which reads:

if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
  if ( use_tls > 1 ) {
    ldap_perror( ld, "ldap_start_tls" );
    return EXIT_FAILURE;
  }
  fprintf( stderr, "WARNING: could not start TLS\n" );
}