Dan White wrote:
> On 15/05/11 17:59 +0430, Mohammad D wrote:
>> I have installed openldap 2.4.23 on windows server 2003. when I run thisDan, why do you ask for GSSAPI?
>> query on ldapsearch:
>> ldapsearch -h directory.verisign.com -b "cn=<*>" "(o=*)"
>> "certificaterevocationlist"
>> I get the following error:
>> SASL/EXTERNAL authentication started
>> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
>> additional info: SASL(-4): no mechanism available:
>>
>> I installed MIT kerberos but it did not solve the problem.
>> any one know whats the issue and how can it be solved?
>
> Did you build cyrus sasl with GSSAPI support?
I guess the original poster just wants to use command-line option -x for
simple anonymous bind. Also the search base (-b) seems to be wrong. It should
be -b "" for an empty search base.
I doubt that this will work anyway. Playing around with
ldap://directory.verisign.com it returns
Server is unwilling to perform:
Presence filter is unsupported
when searching with filter (o=*). Frankly I don't know whether this server is
usable anymore for anything one would consider useful. That's the reason I
removed it from the default select list in web2ldap's demo server.
Side note:
Verisign publishes its CRLs via HTTP: http://crl.verisign.com/
Ciao, Michael.