[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL EXTERNAL



Hi,
has anybody been able to successfully use LDAPS with SASL EXTERNAL? I do
get slapd to accept a client cert and report its availabitlity:

ldapsearch -x -H ldaps://server -s base -b "" \*
supportedsaslmechanisms  
dn:
objectClass: top
objectClass: OpenLDAProotDSE
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: EXTERNAL

However,
ldapsearch -Y EXTERNAL ldaps://server -s base -b ""
leads to 
ldap_sasl_interactive_bind_s: Unknown authentication method

Using ldapsearch from the Netscape SDK 4.1 gives a
ldap_sasl_bind: SASL bind in progress
(Probably because OpenLDAP responds with a BindResponse with
serverSaslCreds of length 0.)

-- 
Norbert Klasen
DFN Directory Services                           tel: +49 7071 29 70335
ZDV, Universität Tübingen                        fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen              http://www.directory.dfn.de
Germany                             norbert.klasen@zdv.uni-tuebingen.de