SASL problems.

[Mathias Meisfjordskar <mathiasm@ifi.uio.no>]

Hello all!

I've struggled for days now, trying to get authentication working in
OpenLDAP. With no luck. It boils down to a SASL problem, I
think. Searching for any relevant information hasn't helped much.

The problem:
When doing authentication or something other than simple binds I get:
"ldap_sasl_interactive_bind_s: Unknown authentication method"

This was with the following search:
'ldapsearch -H ldaps:/// -I -b "" -s base -LLL supportedSASLMechanisms'

Using;
'ldapsearch -H ldaps:/// -x -b "" -s base -LLL supportedSASLMechanisms'

I get: 	supportedSASLMechanisms: PLAIN
	supportedSASLMechanisms: LOGIN

I've searched the list-archive numerous times, but I can't find exactly  
what the problem is. I found a HOWTO by Turbo Fredriksson which describes
a problem with Cyrus SASL v1.5.24, but I'm not sure how to move on from
here. I saw somewhere in the SASL docs that you have to recompile all
programs using the SASL libs when installing a new one. Does this mean I
have to recompile OpenLDAP? The new SASL libs I built should have the same
version number as the ones preinstalled on my system(RH 7.1).

My goal: To get authentication working over TLS/SSL. I haven't played with
kerberos yet, but I think configure included it. I configured and compiled
OpenLDAP-2.0.11 with the following parameters:

CPPFLAGS=-I<my-path-to-ssl>
LDFLAGS=-L<my-path-to-openssl-libs>

configure --with-tls --with-cyrus-sasl

make depend etc.

Everything went fine and all tests were successful. But using TLS with
clients will not work.


Please help me. I'm stuck.

-- 
Regards,
Mathias Meisfjordskar

"And now for something completely different."
                 "THE END"