Dan White wrote:
On 15/05/11 17:59 +0430, Mohammad D wrote:
I have installed openldap 2.4.23 on windows server 2003. when I run this query on ldapsearch: ldapsearch -h directory.verisign.com -b "cn=<*>" "(o=*)" "certificaterevocationlist" I get the following error: SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available:
I installed MIT kerberos but it did not solve the problem. any one know whats the issue and how can it be solved?
Did you build cyrus sasl with GSSAPI support?
Dan, why do you ask for GSSAPI?
I guess the original poster just wants to use command-line option -x for simple anonymous bind. Also the search base (-b) seems to be wrong. It should be -b "" for an empty search base.
I doubt that this will work anyway. Playing around with ldap://directory.verisign.com it returns
Server is unwilling to perform: Presence filter is unsupported
when searching with filter (o=*). Frankly I don't know whether this server is usable anymore for anything one would consider useful. That's the reason I removed it from the default select list in web2ldap's demo server.
Side note: Verisign publishes its CRLs via HTTP: http://crl.verisign.com/
Ciao, Michael.