[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch for digest-md5



On Mon, Jan 29, 2007 at 07:40:02AM -0800, Kurt Zeilenga wrote:
> 
> On Jan 29, 2007, at 3:06 AM, Radhakrishnan Balasubramanian wrote:
> 
> >Hi All,
> >
> >I have Openldap Server -2.2.13 with Cyrus SASL
> >configured.
> >
> >I am trying to do ldapsearch for digest-md5 .I am
> >getting the following error :
> >
> > ldapsearch -Y digest-md5 -D
> >"uid=pokemon,ou=People,dc=cisco,dc=com" -w pokemon123
> >SASL/DIGEST-MD5 authentication started
> >ldap_sasl_interactive_bind_s: Invalid credentials (49)
> >        additional info: SASL(-13): authentication
> >failure: client response doesn't match what we
> >generated
> >
> >
> >But ldapsearch with -U option is successful. Please
> >let me know what need to be done on my LDAP server for
> >making ldapsearch sucessful without using -U (SASL
> >authentication identiy) and using only -D option .
> 
> Per the LDAP technical specifications, slapd(8) ignores
> any bind DN providing in a SASL bind request.
> 
> Without a -U, Cyrus SASL is left to select the authentication
> identity.  If you don't like that selection, the best option
> is to use -U (that's what its for).

maybe he is looking for -x ?
> 
> Kurt
> 
> >
> >Thanks,
> >RK
> >
> >
> >
> >______________________________________________________________________ 
> >______________
> >Don't get soaked.  Take a quick peak at the forecast
> >with the Yahoo! Search weather shortcut.
> >http://tools.search.yahoo.com/shortcuts/#loc_weather
> >
> 
> 

Attachment: signature.asc
Description: Digital signature