I am trying to get LDAP with SASL-GSSAPI
I have openldap-2.4.7 on RHEL 4.
I have installed Cyrus sasl-2.1.21.
I have compiled LDAP with cyrus
SASL support as:
[root@as3 libexec]# env LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.6/lib:/usr/loc
" LIBS=-ldl ./configure --with-tls=openssl --with-cyrus-sasl
It was fine.
SASL was compiled as:
$ ./configure --disable-cram
--disable-digest --disable-krb4 --disable-otp --enable-gssapi --with-gss_impl=mit
In /usr/lib/sasl2,it has
[root@as3 sasl2]# ls libgssapi*
When I run :
[root@as3 libexec]# saslauthd -V
authentication mechanisms: getpwent
I also have a working kerberos .I am
able to get tickets from kerberos.I have added ldap host principal to kerberos
I have my slapd.conf as: (sasl related
(Also,I have added the first two lines
after seing some mailing list.In the admin guide nothing was mentioned
about adding the two lines.Please tell me whether it is correct?)
According to HOWTO doc from www.bayour.com,when
we query ldap for supportedSASLMechanisms,it should show GSSAPI(my whole
when I give the following:
[root@as3 openldap]# /usr/bin/ldapsearch
-H "ldaps://:12345" -x -b "" -s base -LLL supportedSASLMechanisms
Does it mean that LDAP was not built
with SASL support?
I have slapd.conf in /usr/lib/sasl2
mech_list: plain login ntlm kerberos5
I am not able to get SASL-GSSAPI as
supportedSASLMechanism.From where does the LDAP get this list?
What should I do to add one more mechanism
to supportedSASLMechanisms list?
What may be the problem.....?
Please guide me....I was struck at this
point and not able to come out
Thanx a lot in advance.....
Thanx and Regards,
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you