FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 12-13-2008, 10:28 AM
Hanspeter Kunz
 
Default slapd: SASL/EXTERNAL not supported?

Hi,

I have a working LDAP-installation (slapd from etch) using simple-bind
over TLS.

when I try to connect with e.g.

ldapsearch -ZZ -Y EXTERNAL uid=hkunz -LLL

I get

SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:

doing

ldapsearch -x -ZZ -LLL -s "base" -b "" supportedSASLMechanisms

yields

dn:
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: NTLM
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: CRAM-MD5

Is there no SASL/EXTERNAL support in slapd in etch?
or did I miss something?

Many thanks,
Hp.
 
Old 12-13-2008, 12:01 PM
Alex Samad
 
Default slapd: SASL/EXTERNAL not supported?

On Sat, Dec 13, 2008 at 12:28:46PM +0100, Hanspeter Kunz wrote:
> Hi,
>
> I have a working LDAP-installation (slapd from etch) using simple-bind
> over TLS.
>
> when I try to connect with e.g.
>
> ldapsearch -ZZ -Y EXTERNAL uid=hkunz -LLL
>
> I get
>
> SASL/EXTERNAL authentication started
> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
> additional info: SASL(-4): no mechanism available:
>
> doing
>
> ldapsearch -x -ZZ -LLL -s "base" -b "" supportedSASLMechanisms
>
> yields
>
> dn:
> supportedSASLMechanisms: LOGIN
> supportedSASLMechanisms: DIGEST-MD5
> supportedSASLMechanisms: NTLM
> supportedSASLMechanisms: PLAIN
> supportedSASLMechanisms: CRAM-MD5
>
> Is there no SASL/EXTERNAL support in slapd in etch?
> or did I miss something?

there has been some changes to slapd (and the other ldap packages) with
the move from the openssl libraries to the gnutls libraries.

this might have something to do with it. I usually take openldap
source packages and compile with the openssl libraries, because I want
to be able to use encrypted private keys and gnutls doesn't seem to
support that ?! and the recent version of openldap has been giving me
the same problem as you are describing, try an earlier version



>
> Many thanks,
> Hp.



--
"Joe, I don't do nuance."

- George W. Bush
02/15/2004
to Sen. Joseph Biden, as quoted in Time
 

Thread Tools




All times are GMT. The time now is 07:54 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org