[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch for digest-md5




On Jan 29, 2007, at 3:06 AM, Radhakrishnan Balasubramanian wrote:

Hi All,

I have Openldap Server -2.2.13 with Cyrus SASL
configured.

I am trying to do ldapsearch for digest-md5 .I am
getting the following error :

 ldapsearch -Y digest-md5 -D
"uid=pokemon,ou=People,dc=cisco,dc=com" -w pokemon123
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)
        additional info: SASL(-13): authentication
failure: client response doesn't match what we
generated


But ldapsearch with -U option is successful. Please let me know what need to be done on my LDAP server for making ldapsearch sucessful without using -U (SASL authentication identiy) and using only -D option .

Per the LDAP technical specifications, slapd(8) ignores any bind DN providing in a SASL bind request.

Without a -U, Cyrus SASL is left to select the authentication
identity.  If you don't like that selection, the best option
is to use -U (that's what its for).

Kurt


Thanks, RK



______________________________________________________________________ ______________
Don't get soaked. Take a quick peak at the forecast
with the Yahoo! Search weather shortcut.
http://tools.search.yahoo.com/shortcuts/#loc_weather