(taking this to a new thread)
Sorry for such a vague question, but my (perhaps failing) memory is once
upon a time there were still certain backends or overlays that couldn't
yet be configured via cn=config and had to be specified in slapd.conf.
Has 2.4 has already cleared up all of those legacy configuration
requirements or is that a 2.5 goal? Thanks!
Can ldapsearch work with Windows AD via GSSAPI? Is there any special setting/software I need to do on the client side?
On my Client system, I have Windows openldap client tools (ldapsearch ....etc). My Server system has Windows AD running.
I was able to use Simple Authentication and it worked.
ldapsearch.exe -H ldap://MPSD-EB01T3/ -b "dc=test,dc=com" -x
I know Windows 2008 AD support GSSAPI.
ldapsearch -H ldap://MPSD-EB01T3/ -xLLL -s base -b "" supportedSASLMechanisms
Now I tried to use GSSAPI and it failed. Is there anything special setting I need to do on the client side to make it work?
ldapsearch -H ldap://MPSD-EB01T3/ -b "cn=user1,dc=test,dc=com" -W -U user1 -Y GSSAPI -d 3
ldap_sasl_interactive_bind_s: user selected: GSSAPI
ldap_new_connection 1 1 0
ldap_connect_to_host: TCP MPSD-EB01T3:389
ldap_connect_to_host: Trying 192.168.1.30:389
ldap_pvt_connect: fd: 392 tm: -1 async: 0
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: Unable to find a calback: 2