Hello,
I just compiled OpenLDAP 2.5alpha on a Debian 10 system. I used this howto:
https://tylersguides.com/guides/install-openldap-source-debian-stretch/
Slapd is running and I load the following LDIF:
-----------------
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /opt/openldap-current/var/run/slapd.args
olcPidFile: /opt/openldap-current/var/run/slapd.pid
olcTLSCACertificateFile: /etc/ssl/certificates/demoCA/cacert.pem
olcTLSCertificateFile: /etc/ssl/certificates/ldap01-cert.pem
olcTLSCertificateKeyFile: /etc/ssl/certificates/ldap01-key.pem
olcTLSCipherSuite: TLSv1.2:HIGH:!aNULL:!eNULL
olcTLSProtocolMin: 3.3

dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /opt/openldap-current/libexec/openldap
olcModuleload: back_mdb.la
olcModuleload: pw-sha2.la

include: file:///opt/openldap-current/etc/openldap/schema/core.ldif
include: file:///opt/openldap-current/etc/openldap/schema/cosine.ldif
include: file:///opt/openldap-current/etc/openldap/schema/nis.ldif
include: file:///opt/openldap-current/etc/openldap/schema/inetorgperson.ldif

dn: olcDatabase=frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: frontend
olcPasswordHash: {SSHA512}
olcAccess: to * by
  dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
  by * none

dn: olcDatabase=config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: config
olcRootDN: cn=config
olcAccess: to * by
  dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
  by * none
-----------------
When I try to do an ldapsearch with -Y EXTERNAL I get the following error:
-----------------
root@lda25:~# ldapsearch -Y EXTERNAL -H ldaps://ldap25.example.net -b cn=config
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:
-----------------
Ldapsearch -ZZ is working:
-----------------
root@lda25:~# ldapsearch -x -ZZ -H ldap://ldap25.example.net -b cn=config -LLL
No such object (32)
root@lda25:~# ldapsearch -x -H ldaps://ldap25.example.net -b cn=config -LLL
No such object (32)
-----------------
So ldaps and ldap+tls are working. Did I miss something during
"configure"? I would like to help testing version 2.5.
Stefan