Hi all,
I am trying to learn how to use OpenLDAP in combination with Cyrus SASL and MIT Kerberos 5. While testing I got the following error: result: 32 No such object. Below you can see that the response with simple bind works flawless, but as soon as I am trying to use SASL and Kerberos I get the previous mentioned response. Everything I could find on google didn't help. So I hope someone can point me in the right direction. I am not sure what extra information you need. I am clueless as you might have understood.
TIA, Arjan.
[root@ldapserver ~]# ldapsearch -ZZ -W -D 'cn=Manager,dc=example,dc=com' -s base -x Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=example,dc=com> (default) with scope baseObject # filter: (objectclass=*) # requesting: ALL #
# example.com dn: dc=example,dc=com description: Example.Com, your trusted non-existent corporation. dc: example o: Example.Com objectClass: top objectClass: dcObject objectClass: organization
# search result search: 3 result: 0 Success
# numResponses: 2 # numEntries: 1
[root@ldapserver ~]# ldapsearch -ZZ -W -D 'cn=Manager,dc=example,dc=com' -s base Enter LDAP Password: SASL/GSSAPI authentication started SASL username: matt@EXAMPLE.COM SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base <dc=example,dc=com> (default) with scope baseObject # filter: (objectclass=*) # requesting: ALL #
# search result search: 5 result: 32 No such object
# numResponses: 1
Arjan Hulshoff arjan.m.hulshoff@zonnet.nl writes:
Hi all,
I am trying to learn how to use OpenLDAP in combination with Cyrus SASL and MIT Kerberos 5. While testing I got the following error: result: 32 No such object. Below you can see that the response with simple bind works flawless, but as soon as I am trying to use SASL and Kerberos I get the previous mentioned response. Everything I could find on google didn't help. So I hope someone can point me in the right direction. I am not sure what extra information you need. I am clueless as you might have understood.
[root@ldapserver ~]# ldapsearch -ZZ -W -D 'cn=Manager,dc=example,dc=com' -s base Enter LDAP Password: SASL/GSSAPI authentication started SASL username: matt@EXAMPLE.COM SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base <dc=example,dc=com> (default) with scope baseObject # filter: (objectclass=*) # requesting: ALL #
# search result search: 5 result: 32 No such object
# numResponses: 1
man ldapsearch(1), parameters X and Y, has matt@EXAMPLE.COM read access to the basedn? You should probably elaborate on authz-regexp in slapd.conf.
-Dieter
Dieter Kluenter wrote:
Arjan Hulshoff arjan.m.hulshoff@zonnet.nl writes:
Hi all,
I am trying to learn how to use OpenLDAP in combination with Cyrus SASL and MIT Kerberos 5. While testing I got the following error: result: 32 No such object. Below you can see that the response with simple bind works flawless, but as soon as I am trying to use SASL and Kerberos I get the previous mentioned response. Everything I could find on google didn't help. So I hope someone can point me in the right direction. I am not sure what extra information you need. I am clueless as you might have understood.
[root@ldapserver ~]# ldapsearch -ZZ -W -D 'cn=Manager,dc=example,dc=com' -s base Enter LDAP Password: SASL/GSSAPI authentication started SASL username: matt@EXAMPLE.COM SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base <dc=example,dc=com> (default) with scope baseObject # filter: (objectclass=*) # requesting: ALL #
# search result search: 5 result: 32 No such object
# numResponses: 1
man ldapsearch(1), parameters X and Y, has matt@EXAMPLE.COM read access to the basedn? You should probably elaborate on authz-regexp in slapd.conf.
-Dieter
Thanks Dieter! My authz-regexp was not correct indeed... It works now!
Arjan
openldap-software@openldap.org
-
Arjan Hulshoff -
Dieter Kluenter