ldapsearch -LLL -x -H ldap://localhost -s "base" -b "" supportedSASLMechanisms dn: supportedSASLMechanisms: ANONYMOUS supportedSASLMechanisms: LOGIN supportedSASLMechanisms: NTLM supportedSASLMechanisms: PLAIN supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: CRAM-MD5
also i have this line "sasl-secprops none" in to my /etc/ldap/slapd.conf On Jul 20, 2010, at 7:31 PM, Dan White wrote: > On 20/07/10 12:44 +0600, OSHIM wrote: >> ldapsearch -Y PLAIN -U swimonowar -W -b dc=myproject,dc=net -v -d 1 >> ldap_initialize( <DEFAULT> ) >> ldap_create >> Enter LDAP Password: ldap_sasl_interactive_bind_s: user selected: PLAIN >> ldap_int_sasl_bind: PLAIN >> ldap_new_connection 1 1 0 >> ldap_int_open_connection >> ldap_connect_to_host: TCP localhost:389 >> ldap_new_socket: 3 >> ldap_prepare_socket: 3 >> ldap_connect_to_host: Trying 127.0.0.1:389 >> ldap_pvt_connect: fd: 3 tm: -1 async: 0 >> ldap_int_sasl_open: host=myproject.net >> ldap_err2string >> ldap_sasl_interactive_bind_s: Unknown authentication method (-6) >> >> getting this error > > Use: > > ldapsearch -LLL -x -H ldap://ldap.example.org -s "base" -b "" > supportedSASLMechanisms > > to see which mechanisms are offered by the server. > > It appears that you will need to add the following line to your OpenLDAP > config file (not your SASL config file), to have slapd offer the PLAIN > mechanism: > > sasl-secprops none > > See the manpage for slapd.conf for additional details. Doing so > is a security risk, and you should consider using SSL/TLS in a > production environment. > > -- > Dan White
