On Monday 07 January 2008 10:06:40 sanjay gupta wrote:
ldapsearch with debugging enabled and see what it's doing :-
Well, debuggins is unnecessary, as the normal output provides everything useful ...
[root@localhost tools]# ./ldapsearch -Y GSSAPI -d 1 ldap_create ldap_sasl_interactive_bind_s: user selected: GSSAPI ldap_int_sasl_bind: GSSAPI ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 127.0.0.1:389 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:389 ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_int_sasl_open: host=localhost.localdomain ldap_perror ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available: No worthy mechs found
It seems that LDAP server has not GSSAPI available.
So how can we add GSSAPI support in LDAP server for making it work??
If you provide more information (OS/distro etc.) you may get more help, but most likely the SASL GSSAPI plugin is not installed. On some Linux distributions, SASL plugins are shipped as separate packages, 'yum search sasl' or 'apt-cache search sasl' or 'urpmq -y sasl' may lead you to the right package to install.
Regards. Buchan