I am running openldap 2.2.13. I am having a problem getting TLS to work. I have done numerous searches, but most web pages seem to deal with LDAP/kerberos issues. We do not run kerberos. I am only trying to prevent passwords from being sent in the clear.
I have followed the instructions on this page:
http://www.ibm.com/developerworks/linux/library/l-openldap/
I am able to run ldapsearch with simple auth:
ldapsearch -x
but, am not able to do any of the following:
ldapsearch ldapsearch -X u:myuid ldapsearch -X dn:uid=myuid,ou=People,dc=example,dc=com
The error is (with "-d 255"): ... SASL/GSSAPI authentication started ldap_perror ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No credentials cache found)
It looks like the server is running fine. But, the logs don't really indicate what the problem is. (It seems to be more of a client issue, but still the server should give some hint in the logs.)
If you need more debugging info, just let me know.
Any help would be greatly appreciated.
TIA Craig