Dear list members,
i have just setted, in my environment, kerberos, cyrus-sasl and openldap. My host operational plataform is Debian.
I am facing a situation like this: altough i configured cyrus SASL i can't see its mech with the following command:
sioux@gustav:~/ldap$ ldapsearch -x -b "" -s base supportedSASLMechanisms # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: supportedSASLMechanisms #
# dn:
# search result search: 2 result: 0 Success
# numResponses: 2 # numEntries: 1 sioux@gustav:~/ldap$
My ldap server ldd output is:
gustav:/etc/ldap# ldd `which slapd` linux-gate.so.1 => (0xffffe000) libldap_r-2.3.so.0 => /usr/lib/libldap_r-2.3.so.0 (0xb7f1c000) liblber-2.3.so.0 => /usr/lib/liblber-2.3.so.0 (0xb7f10000) libiodbc.so.2 => /usr/lib/libiodbc.so.2 (0xb7ec8000) libslp.so.1 => /usr/lib/libslp.so.1 (0xb7eb9000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7ea3000) libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0xb7e64000) libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8 (0xb7d2a000) libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0xb7cfc000) libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7ce8000) libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7cd6000) libltdl.so.3 => /usr/lib/libltdl.so.3 (0xb7ccf000) libwrap.so.0 => /lib/libwrap.so.0 (0xb7cc7000) libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7b96000) libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7b92000) libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7b7b000) libz.so.1 => /usr/lib/libz.so.1 (0xb7b67000) /lib/ld-linux.so.2 (0xb7f6b000) gustav:/etc/ldap#
May some one help with this stuff?
Thanks a lot for your time and cooperation.
Best regards.
Hi John,
I have more or less the same set-up as you do, but on Windows box. Some time ago I came across the same issue. To my mind, that relates to a 'path' problem. I mean, SASL library path should be added to the 'path' env variable.
Just to test for SASL mechanisms (on Windows):
a) pluginviewer.exe: Installed SASL (server side) mechanisms are: SRP PLAIN OTP NTLM LOGIN GSSAPI DIGEST-MD5 CRAM-MD5 ANONYMOUS EXTERNAL
b) run ldapsearch -x -b "" -s base supportedSASLMechanisms
# extended LDIF## LDAPv3# base <> with scope baseObject# filter: (objectclass=*)# requesting: supportedSASLMechanisms##dn:supportedSASLMechanisms: SRP supportedSASLMechanisms: OTPsupportedSASLMechanisms: NTLMsupportedSASLMechanisms: GSSAPI supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: CRAM-MD5# search resultsearch: 2result: 0 Success# numResponses: 2# numEntries: 1 Let know how you go.
Cheers,
Sergio.
Date: Fri, 31 Oct 2008 14:23:54 -0200> From: john.nietzsche@gmail.com> To: openldap-software@openldap.org> Subject: SASL> > Dear list members,> > i have just setted, in my environment, kerberos, cyrus-sasl and> openldap. My host operational plataform is Debian.> > I am facing a situation like this: altough i configured cyrus SASL i> can't see its mech with the following command:> > sioux@gustav:~/ldap$ ldapsearch -x -b "" -s base supportedSASLMechanisms> # extended LDIF> #> # LDAPv3> # base <> with scope baseObject> # filter: (objectclass=*)> # requesting: supportedSASLMechanisms> #> > #> dn:> > # search result> search: 2> result: 0 Success> > # numResponses: 2> # numEntries: 1> sioux@gustav:~/ldap$> > My ldap server ldd output is:> > gustav:/etc/ldap# ldd `which slapd`> linux-gate.so.1 => (0xffffe000)> libldap_r-2.3.so.0 => /usr/lib/libldap_r-2.3.so.0 (0xb7f1c000)> liblber-2.3.so.0 => /usr/lib/liblber-2.3.so.0 (0xb7f10000)> libiodbc.so.2 => /usr/lib/libiodbc.so.2 (0xb7ec8000)> libslp.so.1 => /usr/lib/libslp.so.1 (0xb7eb9000)> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7ea3000)> libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 (0xb7e64000)> libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8> (0xb7d2a000) libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1> (0xb7cfc000)> libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7ce8000)> libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7cd6000)> libltdl.so.3 => /usr/lib/libltdl.so.3 (0xb7ccf000)> libwrap.so.0 => /lib/libwrap.so.0 (0xb7cc7000)> libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7b96000)> libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7b92000)> libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7b7b000)> libz.so.1 => /usr/lib/libz.so.1 (0xb7b67000)> /lib/ld-linux.so.2 (0xb7f6b000)> gustav:/etc/ldap#> > > May some one help with this stuff?> > Thanks a lot for your time and cooperation.> > Best regards.
_________________________________________________________________
"John Nietzsche" john.nietzsche@gmail.com writes:
Dear list members,
i have just setted, in my environment, kerberos, cyrus-sasl and openldap. My host operational plataform is Debian.
I am facing a situation like this: altough i configured cyrus SASL i can't see its mech with the following command:
sioux@gustav:~/ldap$ ldapsearch -x -b "" -s base supportedSASLMechanisms # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: supportedSASLMechanisms #
# dn:
# search result search: 2 result: 0 Success
# numResponses: 2 # numEntries: 1 sioux@gustav:~/ldap$
This is probably an access control problem, do you have something like
access to dn.base="" by * read access to dn.base=cn=subschema by * read
in your slapd.conf in order to allow anonymous read on root DSE and subschema? An other hint: you should not relay on google search results! If you would have read OpenLDAP Documentation you should know that OpenLDAP has implemeneted RFC-3673 (all operational attributes). ldapsearch -x -b "" -s base + | grep 'supportedSASLMechanisms'
-Dieter
openldap-software@openldap.org
-
Dieter Kluenter -
Hacker SF -
John Nietzsche