[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
supportedSASLMechanisms -- not found?
How can I get OpenLDAP to use the SASL libraries for authentication?
I have OpenLDAP2.0.7, and ran configure with the following options:
./configure --prefix=/usr/local/openldap-1.2.11 \
--exec-prefix=/usr/local/openldap-1.2.11/libexec \
--enable-spasswd \
--with-cyrus-sasl
I have Cyrus-SASL 1.5.24 installed. When I start the ldap server,
and execute ldapsearch -x -s base -b "" supportedSASLMechanisms
I get back:
Version 2:
#
#filter: (objectclas=*)
# requesting supportedSASLMechanims
#
# search result
search 2:
result: 0 success
#numResponses: 1
How do I get OpenLDAP 2.0.7 to find/recognize SASL mechanisms?
Thanks
Tom
-----Original Message-----
From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Sent: Wednesday, January 17, 2001 4:23 PM
To: Mike Schiraldi
Cc: openldap-software@OpenLDAP.org
Subject: Re: ldap_sasl_interactive_bind_s: Unknown authentication method
At 04:42 PM 1/17/01 -0500, Mike Schiraldi wrote:
>I'm having trouble getting ldapsearch (2.0.7) to work with a server here.
I note that 2.0 slapd needs some work for EXTERNAL to work
(TLS authid to ACL subject DN mapping). HEAD has code which
needs testing. But the client *should* work.
>Netscape's (perhaps non-standards-compliant) ldapsearch tool works.
>OpenLDAP's gives the error "ldap_sasl_interactive_bind_s: Unknown
>authentication method".
>
>Browsing through the list archives, i came across
>http://www.openldap.org/lists/openldap-bugs/200010/msg00217.html
>which says, in part:
>
>> try ldapsearch -x -ZZ -s base -b "" supportedSASLMechanisms
>>
>> If "EXTERNAL" is listed as a value, try:
>>
>> ldapsearch -Y EXTERNAL -ZZ -s base -b "" supportedSASLMechanisms
>
>Well, sure enough, the first command gives
>"supportedSASLMechanisms: EXTERNAL"
>
>but the second gives "ldap_start_tls: Protocol error".
That's odd as there should be no difference in the two until
after the completion of the ldap_start_tls() call. You might
try adding debugging options on the client side to determine
where their execution paths diverge.
Kurt