Seems like slapd is linked to gssapi and sasl. Are there simply command line options I&#39;m missing to start up slapd?<br><br>frisbee# ldd /usr/local/libexec/slapd <br>/usr/local/libexec/slapd:<br>    libldap_r-2.4.so.6 =&gt; /usr/local/lib/libldap_r-2.4.so.6 (0x2820b000)<br>

    liblber-2.4.so.6 =&gt; /usr/local/lib/liblber-2.4.so.6 (0x28250000)<br>    libdb-4.6.so.0 =&gt; /usr/local/lib/libdb-4.6.so.0 (0x2825d000)<br>    libsasl2.so.2 =&gt; /usr/local/lib/libsasl2.so.2 (0x28385000)<br>    libgssapi.so.9 =&gt; /usr/lib/libgssapi.so.9 (0x2839c000)<br>

    libssl.so.5 =&gt; /usr/lib/libssl.so.5 (0x283a3000)<br>    libcrypto.so.5 =&gt; /lib/libcrypto.so.5 (0x283e4000)<br>    libfetch.so.5 =&gt; /usr/lib/libfetch.so.5 (0x2853d000)<br>    libcom_err.so.4 =&gt; /usr/lib/libcom_err.so.4 (0x2854a000)<br>

    libcrypt.so.4 =&gt; /lib/libcrypt.so.4 (0x2854c000)<br>    libwrap.so.5 =&gt; /usr/lib/libwrap.so.5 (0x28565000)<br>    libthr.so.3 =&gt; /lib/libthr.so.3 (0x2856c000)<br>    libc.so.7 =&gt; /lib/libc.so.7 (0x28581000)<br>

<br>Here&#39;s the config I used to make openldap just to be sure it wasn&#39;t a compile error:<br><br>frisbee# cd /usr/ports/net/openldap24-server/<br>frisbee# make showconfig<br>===&gt; The following configuration options are available for openldap-sasl-server-2.4.16:<br>

     SASL=on &quot;With (Cyrus) SASL2 support&quot;<br>     DYNACL=off &quot;Run-time loadable ACL (experimental)&quot;<br>     ACI=off &quot;Per-object ACI (experimental)&quot;<br>     DNSSRV=off &quot;With Dnssrv backend&quot;<br>

     PASSWD=on &quot;With Passwd backend&quot;<br>     PERL=off &quot;With Perl backend&quot;<br>     RELAY=on &quot;With Relay backend&quot;<br>     SHELL=off &quot;With Shell backend (disables threading)&quot;<br>     SOCK=off &quot;With Sock backend&quot;<br>

     ODBC=off &quot;With SQL backend&quot;<br>     RLOOKUPS=off &quot;With reverse lookups of client hostnames&quot;<br>     SLP=off &quot;With SLPv2 (RFC 2608) support&quot;<br>     SLAPI=off &quot;With Netscape SLAPI plugin API&quot;<br>

     TCP_WRAPPERS=on &quot;With tcp wrapper support&quot;<br>     BDB=on &quot;With BerkeleyDB support&quot;<br>     ACCESSLOG=off &quot;With In-Directory Access Logging overlay&quot;<br>     AUDITLOG=off &quot;With Audit Logging overlay&quot;<br>

     COLLECT=off &quot;With Collect overy Services overlay&quot;<br>     CONSTRAINT=off &quot;With Attribute Constraint overlay&quot;<br>     DDS=on &quot;With Dynamic Directory Services overlay&quot;<br>     DEREF=off &quot;With Dereference overlay&quot;<br>

     DYNGROUP=on &quot;With Dynamic Group overlay&quot;<br>     DYNLIST=on &quot;With Dynamic List overlay&quot;<br>     LASTMOD=on &quot;With Last Modification overlay&quot;<br>     MEMBEROF=off &quot;With Reverse Group Membership overlay&quot;<br>

     PPOLICY=on &quot;With Password Policy overlay&quot;<br>     PROXYCACHE=off &quot;With Proxy Cache overlay&quot;<br>     REFINT=on &quot;With Referential Integrity overlay&quot;<br>     RETCODE=on &quot;With Return Code testing overlay&quot;<br>

     RWM=on &quot;With Rewrite/Remap overlay&quot;<br>     SEQMOD=on &quot;Sequential Modify overlay&quot;<br>     SYNCPROV=on &quot;With Syncrepl Provider overlay&quot;<br>     TRANSLUCENT=off &quot;With Translucent Proxy overlay&quot;<br>

     UNIQUE=off &quot;With attribute Uniqueness overlay&quot;<br>     VALSORT=off &quot;With Value Sorting overlay&quot;<br>     SMBPWD=off &quot;With Samba Password hashes overlay&quot;<br>     DYNAMIC_BACKENDS=off &quot;Build dynamic backends&quot;<br>

===&gt; Use &#39;make config&#39; to modify these settings<br><br><br clear="all">
<br><br><div class="gmail_quote">On Tue, Aug 11, 2009 at 6:38 AM, Dieter Kluenter <span dir="ltr">&lt;<a href="mailto:dieter@dkluenter.de">dieter@dkluenter.de</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">

<div class="im">Allan &lt;<a href="mailto:cr4z3d@gmail.com">cr4z3d@gmail.com</a>&gt; writes:<br>
<br>
</div><div class="im">&gt; OpenLDAP is compiled with SASL support. I remember checking the box for SASL<br>
&gt; and if I cd /usr/ports/net/openldap24-server &amp;&amp; make config I see that SASL is<br>
&gt; indeed marked. As far as checking for libgssapi, I ran the following to<br>
&gt; verify:<br>
<br>
</div>is libsasl really linked to slapd? &#39;ldd slapd&#39; or whatever tool is<br>
supplied with freeBSD, will proof it.<br>
<div class="im"><br>
&gt; frisbee# locate libgssapi<br>
&gt; /usr/lib/libgssapi.a<br>
&gt; /usr/lib/libgssapi.so<br>
&gt; /usr/lib/libgssapi.so.9<br>
&gt; /usr/lib/libgssapi_krb5.a<br>
&gt; /usr/lib/libgssapi_krb5.so<br>
&gt; /usr/lib/libgssapi_krb5.so.9<br>
&gt; /usr/local/lib/sasl2/libgssapiv2.a<br>
&gt; /usr/local/lib/sasl2/<a href="http://libgssapiv2.la" target="_blank">libgssapiv2.la</a><br>
&gt; /usr/local/lib/sasl2/libgssapiv2.so<br>
&gt; /usr/local/lib/sasl2/libgssapiv2.so.2<br>
<br>
</div>this looks similar to mine, and the output of ldapsearch is:<br>
<br>
dieter@rubin:~&gt; ldapsearch -x -LLL -ZZ -H ldap://localhost -b &quot;&quot; -s base supportedSaslMechanisms<br>
dn:<br>
supportedSASLMechanisms: PLAIN<br>
supportedSASLMechanisms: CRAM-MD5<br>
supportedSASLMechanisms: GSSAPI<br>
supportedSASLMechanisms: DIGEST-MD5<br>
supportedSASLMechanisms: EXTERNAL<br>
<br>
I really suspect that libsasl is not linked to slapd.<br>
<div><div></div><div class="h5"><br>
-Dieter<br>
<br>
--<br>
Dieter Klünter | Systemberatung<br>
<a href="http://dkluenter.de" target="_blank">http://dkluenter.de</a><br>
GPG Key ID:8EF7B6C6<br>
53°08&#39;09,95&quot;N<br>
10°08&#39;02,42&quot;E<br>
</div></div></blockquote></div><br>