My scenario is relatively simple. The user authentication and LDAP directory for our local application is managed on corporate servers for which we lack administrative rights. We wish to maintain a local view of the LDAP directory for the information that our local application requires, but not alter the user authentication on the corporate servers.
Tim
On Thu, Jan 21, 2016 at 6:21 PM, Sergio NNX sfhacker@hotmail.com wrote:
I am new at LDAP, that is obvious I guess. But, I've been around Unix for 30 years.
Are we still having issues? We might be able to assist you if you describe your setup and your goal in more detail.
Cheers,
Ser.
Date: Thu, 21 Jan 2016 14:31:28 -0600
From: dwhite@cafedemocracy.org
To: timothy.g.keith@gmail.com
Subject: Re: pass-through authentication
CC: dwhite@cafedemocracy.org; openldap-technical@openldap.org
You can view your config with:
slapcat -n0
And verify that object exists.
If you're receiving this error due to an ACL problem, verify you have the proper configuration in place to authenticate as the rootdn using sasl/external. See the slapd-config manpage, and see section 15.2 (and in particular 15.2.5) of the Administrator's guide, and reference your OS/distro documentation.
On 01/21/16 12:35 -0600, Timothy Keith wrote:
I commented the mech_list in slapd.conf
The ldapsearch result is now No such object
ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=config "(|(cn=config)(olcDatabase={1}hdb))"
No such object (32)
On Fri, Jan 8, 2016 at 2:34 PM, Dan White dwhite@cafedemocracy.org wrote:
On 01/07/16 17:24 -0600, Timothy Keith wrote:
ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=config "(|(cn=config)(olcDatabase={1}hdb))"
ldap_sasl_interactive_bind_s: Authentication method not supported (7)
additional info: SASL(-4): no mechanism available:
I'm missing some context here. Most likely you have a mech_list hard coded in your slapd.conf sasl, which does not include the external mech.
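
Added example, not part of the thread and not OpenLDAP project code: a shell check for the condition described above, a Cyrus SASL option file for slapd whose mech_list omits EXTERNAL. The function name, the sample files and the choice to read only the first uncommented mech_list line are assumptions; the file's location depends on how SASL was built, so it is passed as an argument.

```shell
#!/bin/sh
# mech_list_status FILE MECH
# Prints one of:
#   unrestricted  - FILE has no uncommented mech_list line
#   allowed       - mech_list is set and includes MECH
#   blocked       - mech_list is set and omits MECH
mech_list_status() {
    file=$1
    mech=$2
    awk -v want="$mech" '
        /^[ \t]*#/ { next }                  # skip commented-out options
        /^[ \t]*mech_list[ \t]*:/ {
            found = 1
            line = $0
            sub(/^[^:]*:/, "", line)         # drop the "mech_list:" key
            n = split(line, mechs, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (toupper(mechs[i]) == toupper(want)) ok = 1
            exit                             # first match only (assumption)
        }
        END {
            if (!found)  print "unrestricted"
            else if (ok) print "allowed"
            else         print "blocked"
        }
    ' "$file"
}

# Constructed sample option files (not taken from the thread).
demo_dir=$(mktemp -d)
printf 'pwcheck_method: saslauthd\nmech_list: plain login\n' \
    > "$demo_dir/restricted.conf"
printf 'pwcheck_method: saslauthd\n#mech_list: plain login\n' \
    > "$demo_dir/commented.conf"
printf 'mech_list: plain external\n' \
    > "$demo_dir/with_external.conf"

for name in restricted commented with_external; do
    printf '%s: %s\n' "$name" \
        "$(mech_list_status "$demo_dir/$name.conf" EXTERNAL)"
done
rm -rf "$demo_dir"
```

A "blocked" result corresponds to the "no mechanism available" bind failure in the thread; "unrestricted" or "allowed" means the option file is not what is preventing the EXTERNAL bind over ldapi:///.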