ldapsearch -LLL -x -H ldap://localhost -s "base" -b "" supportedSASLMechanisms dn: supportedSASLMechanisms: ANONYMOUS supportedSASLMechanisms: LOGIN supportedSASLMechanisms: NTLM supportedSASLMechanisms: PLAIN supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: CRAM-MD5
also i have this line "sasl-secprops none" in to my /etc/ldap/slapd.conf
On Jul 20, 2010, at 7:31 PM, Dan White wrote:
On 20/07/10 12:44 +0600, OSHIM wrote:
ldapsearch -Y PLAIN -U swimonowar -W -b dc=myproject,dc=net -v -d 1 ldap_initialize( <DEFAULT> ) ldap_create Enter LDAP Password: ldap_sasl_interactive_bind_s: user selected: PLAIN ldap_int_sasl_bind: PLAIN ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:389 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:389 ldap_pvt_connect: fd: 3 tm: -1 async: 0 ldap_int_sasl_open: host=myproject.net ldap_err2string ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
getting this error
Use:
ldapsearch -LLL -x -H ldap://ldap.example.org -s "base" -b "" supportedSASLMechanisms
to see which mechanisms are offered by the server.
It appears that you will need to add the following line to your OpenLDAP config file (not your SASL config file), to have slapd offer the PLAIN mechanism:
sasl-secprops none
See the manpage for slapd.conf for additional details. Doing so is a security risk, and you should consider using SSL/TLS in a production environment.
-- Dan White