Trying to enable SASL support for OpenLDAP 2.0.11...
- To: openldap-software@OpenLDAP.org
- Subject: Trying to enable SASL support for OpenLDAP 2.0.11...
- From: Brendan Byrd <brendanb@missiondata.com>
- Date: Wed, 08 Aug 2001 17:34:32 -0400
- Organization: Mission Data
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2) Gecko/20010628
This is annoying. I've been spending the past 8+ hours trying to get
SASL to work with OpenLDAP. Every time I do, I encounter the same
error:

# ldapadd -D "uid=root@sineswiper.missiondata.com" -f /root/missiondata.ldif
ldap_sasl_interactive_bind_s: No such object
# ldapadd -D "cn=root,dc=missiondata,dc=com" -f /root/missiondata.ldif
ldap_sasl_interactive_bind_s: No such object
# ldapadd -I
ldap_sasl_interactive_bind_s: No such object

I can use simple mode just fine, but I don't want simple mode. I'm
trying to get everything set up for LDAP through SSL. I have all of
the libraries: Kerberos 5, SASL, DES, Crypt, Crypto, etc. I've used
the following configure line:

./configure --with-cyrus-sasl \
    --with-kerberos \
    --with-tls \
    --enable-crypt \
    --enable-kpasswd \
    --enable-spasswd \
    --enable-phonetic \
    --enable-rlookups

Oddly enough, even after installing the program with the above
configure, I get this:

# ldapadd -k
ldapadd: not compiled with Kerberos support

I'm not sure if the SASL switch on the configure overrides this or
what, but I don't understand why it can't have support for both. My
ldap.conf is correct:

BASE dc=missiondata, dc=com
URI ldap://sineswiper.missiondata.net

According to LDAPSearch, I don't have the required
"supportedSASLMechanisms" objects in my Root DN:

# ldapsearch -D "cn=root,dc=missiondata,dc=com" -b "" -Wxs base -LLL
Enter LDAP Password:
dn:
objectClass: top
objectClass: OpenLDAProotDSE

My /var/log/message doesn't say anything unusual. I've already
created a /etc/sasldb with saslpasswd. My slapd.conf contains:

---- cut ----
sasl-host sineswiper.missiondata.net
sasl-secprops none
database ldbm
suffix "dc=missiondata,dc=com"
#rootdn "uid=root@sineswiper.missiondata.net"
rootdn "cn=root,dc=missiondata,dc=com"
rootpw {SSHA}---blah---
directory /var/openldap/ldbm
index objectClass eq
TLSCertificateFile /var/ssl/ssl.crt/server.crt
TLSCertificateKeyFile /var/ssl/ssl.key/server.key
---- end ----

Everything is set up the way it should be, so WTF?! Current newsgroup
posts aren't helping much, nor is the OpenLDAP FAQ. I'm sure many
others would like an answer to this question, too.

--
Brendan Byrd (brendanb@missiondata.com)
System Administrator @ Mission Data
http://www.missiondata.com/