I'm looking into a Debian bug report: https://bugs.debian.org/860947 ldap_int_sasl_init says: /* XXX not threadsafe */ static int sasl_initialized = 0; I'm not yet sure whether it's the cause of that report, but it does seem to be problematic. I'm seeing spurious "no such mechanism" results and/or crashes in mutiple environments performing SASL binds in parallel: - slapd with multiple syncrepl clients all using SASL binds, - the ldclt tool from the 389-ds project, and - the test program I'm about to describe below. I wrote a test program for this issue, and I'd like to ask the list to check the code before I submit an ITS, in case I've made a mistake that renders my test invalid. gcc -g sasltest.c -pthread -llber -lldap -lsasl2 -DSASL As I understand it, -lldap_r should not be needed here since each thread creates its own LDAP instance. (It doesn't seem to change the results, anyway.) Built without -DSASL, it uses simple binds, and appears to work fine, but again, I'm not confident my code is correct. Thanks! Ryan