I'm trying to test SASL EXTERNAL to an AD server, which saying support EXTERNAL.
the command I ran is:
but it returned:
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:
what does this error message mean?
I already installed the necessary package, here is my dpkg return:
~$ dpkg -l | grep sasl
ii libauthen-sasl-perl 2.1600-1 all Authen::SASL - SASL Authentication framework
ii libsasl2-2:amd64 2.1.27~101-g0780600+dfsg-3ubuntu2 amd64 Cyrus SASL - authentication abstraction library
ii libsasl2-dev 2.1.27~101-g0780600+dfsg-3ubuntu2 amd64 Cyrus SASL - development files for authentication abstraction library
ii libsasl2-modules:amd64 2.1.27~101-g0780600+dfsg-3ubuntu2 amd64 Cyrus SASL - pluggable authentication modules
ii libsasl2-modules-db:amd64 2.1.27~101-g0780600+dfsg-3ubuntu2 amd64 Cyrus SASL - pluggable authentication modules (DB)
ii libsasl2-modules-gssapi-mit:amd64 2.1.27~101-g0780600+dfsg-3ubuntu2 amd64 Cyrus SASL - pluggable authentication modules (GSSAPI)
and I can run ldapwhoami with SASL GSSAPI against the above mentioned AD server successfully.
the error seems the "EXTERNAL" is not even supported, is not about invalid credential. I also tried to created a new certificate with the server credential, and modified the .ldaprc to point to the new certificate. still does not work.
who can tell me how ?
Thanks ahead!
Peter