On Sat, Nov 09, 2002 at 07:42:22PM -0800, Ian Eure wrote:
> > AFAIK, slapd will automatically use whatever SASL modules are installed
> > if the client requests SASL authentication. It Works For Me, without
> > any additional configuration.
> FWIW, I haven't been able to get this working, either. I've installed
> libsasl-modules-plain and libsasl-digestmd5-des. Whenever I try to use SASL
> with OpenLDAP, I always get one of two errors:
> 'ldap_sasl_interactive_bind_s: Authentication method not supported'
> (when I try to use DIGEST-MD5 or CRAM-MD5. Note that I also get a
> 'SASL/{CRAM,DIGEST}-MD5 authentication started' message, which is absent from
> the output with other mechanisms)
> or
> 'ldap_sasl_interactive_bind_s: Unknown authentication method'
> (when try PLAIN, LOGIN, or ANONYMOUS)
> I checked slapd.conf(5), added 'sasl-secprops none' to /etc/ldap/slapd.conf,
> and restarted slapd. It still doesn't work.
Hmm, then I suspect the problem you're having is actually that you
haven't configured the authentication database for these SASL modules
(/etc/sasldb). The only SASL mechanism I use is GSSAPI, so I'm not
likely to be much help with the other mechs, but I do see a 'saslpasswd'
command on my system which might have something to do with it all.
--
Steve Langasek
postmodern programmer
Attachment:
pgpiPLeL7FLih.pgp
Description: PGP signature