[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP + SASL



>From the man page: 
       -Y mech
              Specify  the  SASL  mechanism  to be used for authentication.
If
              it's not specified, the program will choose the  best 
mechanism
              the server knows.

I assume i can specify the agrument to the option, but to me it sounds like
it can't find any mechanism to use.

Anyhow, this is neither here nor there

When I use: ldapsearch -h localhost -p 389 -x -b "" -s base -L
supportedSASLMechanisms 

i get this:

debian:/tmp# ldapsearch -h localhost -p 389 -x -b "" -s base -L
supportedSASLMechanisms
version: 1

#
# LDAPv3
# base <> with scope base
# filter: (objectclass=*)
# requesting: supportedSASLMechanisms
#

#
dn:

# search result

# numResponses: 2
# numEntries: 1
debian:/tmp#

What should i be looking for if i'm expecting

supportedSASLMechanisms: ANONYMOUS
supportedSASLMechanisms: GSSAPI



"Howard Chu" <hyc@highlandsun.com> wrote:
>
>> -----Original Message-----
>> From: owner-openldap-software@OpenLDAP.org
>> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Matt
>> Heitzenroder
>
>> Thanks for your help, unfortunately i'm pretty new to ldap
>> and i really
>> don't understand what you mean.  can you further explain it to me?
>
>Reread the ldapsearch(1) man page and see how the "-Y" option is supposed to
>be used. You cannot specify it by itself, it expects an argument. The
>argument should be the name of a valid SASL mechanism.
>
>> "Pierangelo Masarati" <ando@sys-net.it> wrote:
>> >
>> >
>> >> debian:/usr/lib/sasl2# ldapsearch -h localhost -p 389 -Y
>> -s base -LLL
>> >
>> >-Y requires the mech you selected as an argument; see ldapsearch(1)
>> >(and any other client's manpage, they work exactly the same)
>
>  -- Howard Chu
>  Chief Architect, Symas Corp.       Director, Highland Sun
>  http://www.symas.com               http://highlandsun.com/hyc
>  Symas: Premier OpenSource Development and Support
>
>
>

~~~~~~~~~~~~~~~~~~
Matt Heitzenroder
RoderCo, LLC
http://www.roderco.net
412.779.6100
~~~~~~~~~~~~~~~~~~