[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldapsearch and sasl
Hi,
"James Wilde" <james_wilde@glocalnet.com> writes:
[...]
> I can run both:
>
> ldapsearch -x -b dc=glocalnet,dc=net -D cn=Manager,dc=glocalnet,dc=net
> '(objectclass=*)'
this is a anonymous bind as you don't specify a password
> and
>
> ldapsearch -b dc=glocalnet,dc=net -U Manager@glocalnet.net
> '(objectclass=*)'
this is a strong bind with a sasl mechanism.
> and get a full listing from the ldap directory.
>
> However, I cannot run:
>
> ldapsearch -b dc=glocalnet,dc=net -D cn=Manager,dc=glocalnet,dc=net
> '(objectclass=*)'
>
> When I try, I get the following error message:
>
> SASL/DIGEST-MD5 authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Internal (implementation specific) error
> (80)
> additional info: SASL(-13): user not found: no secret in
> database
>
With option -D you define a distinguished name, thus you have to initiate a
simple bind with option -x and a password option -W or -w, see man
ldapsearch(1) for more information.
> I have the following lines in slapd.conf:
>
> sasl_pwcheck_method: saslauthd
this is not a configuration parameter in /etc/openldap/slapd.conf.
[...]
> I'm sure this worked before. Is there something I'm missing?
[...]
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53