slapd: SASL/EXTERNAL not supported?
On Sat, Dec 13, 2008 at 12:28:46PM +0100, Hanspeter Kunz wrote:
> I have a working LDAP-installation (slapd from etch) using simple-bind
> over TLS.
> when I try to connect with e.g.
> ldapsearch -ZZ -Y EXTERNAL uid=hkunz -LLL
> I get
> SASL/EXTERNAL authentication started
> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
> additional info: SASL(-4): no mechanism available:
> ldapsearch -x -ZZ -LLL -s "base" -b "" supportedSASLMechanisms
> supportedSASLMechanisms: LOGIN
> supportedSASLMechanisms: DIGEST-MD5
> supportedSASLMechanisms: NTLM
> supportedSASLMechanisms: PLAIN
> supportedSASLMechanisms: CRAM-MD5
> Is there no SASL/EXTERNAL support in slapd in etch?
> or did I miss something?
there has been some changes to slapd (and the other ldap packages) with
the move from the openssl libraries to the gnutls libraries.
this might have something to do with it. I usually take openldap
source packages and compile with the openssl libraries, because I want
to be able to use encrypted private keys and gnutls doesn't seem to
support that ?! and the recent version of openldap has been giving me
the same problem as you are describing, try an earlier version
> Many thanks,
"Joe, I don't do nuance."
- George W. Bush
to Sen. Joseph Biden, as quoted in Time