My scenario is relatively simple. The user authentication and LDAP
directory for our local application is managed on corporate servers
for which we lack administrative rights. We wish to maintain a local
view of the LDAP directory for the information that our local
application requires, but not alter the user authentication on the
corporate servers.
Tim
On Thu, Jan 21, 2016 at 6:21 PM, Sergio NNX <sfhacker(a)hotmail.com> wrote:
>> I am new at LDAP , that is obvious I guess. But, I've been around Unix
>> for 30 years.
>
> Are we still having issues? We might be able to assist you if you describe
> your set up and your goal in more detail.
>
> Cheers,
>
> Ser.
>
>> Date: Thu, 21 Jan 2016 14:31:28 -0600
>> From: dwhite(a)cafedemocracy.org
>> To: timothy.g.keith(a)gmail.com
>> Subject: Re: pass-through authentication
>> CC: dwhite(a)cafedemocracy.org; openldap-technical(a)openldap.org
>>
>> You can view your config with:
>>
>> slapcat -n0
>>
>> And verify that object exists.
>>
>> If you're receiving this error due to an ACL problem, verify you
>> have the proper configuration in place to authenticate as the rootdn using
>> sasl/external. See the slapd-config manpage, and see section 15.2 (and in
>> particular 15.2.5) of the Administrator's guide, and reference your
>> OS/distro documentation.
>>
>> On 01/21/16 12:35 -0600, Timothy Keith wrote:
>> >I commented the mech_list in slapd.conf
>> >
>> >The ldapsearch result is now No such object
>> >
>> >ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=config
>> >"(|(cn=config)(olcDatabase={1}hdb))"
>> >No such object (32)
>> >
>> >On Fri, Jan 8, 2016 at 2:34 PM, Dan White <dwhite(a)cafedemocracy.org>
>> > wrote:
>> >> On 01/07/16 17:24 -0600, Timothy Keith wrote:
>> >>>
>> >>> ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=config
>> >>> "(|(cn=config)(olcDatabase={1}hdb))"
>> >>> ldap_sasl_interactive_bind_s: Authentication method not supported (7)
>> >>> additional info: SASL(-4): no mechanism available:
>> >>
>> >>
>> >> I'm missing some context here. Most likely you have a mech_list hard
>> >> coded
>> >> in your slapd.conf sasl, which does not include the external mech.
>>