Your first ldapsearch example was with a non sasl bind (-x). Try ldapsearch -Y <sasl mech> <other params> Looks like digest/cram-md5, gssapi mechs are not installed (at least via rpm???) Perhaps installing these may help as well: cyrus-sasl-ldap-2.1.22-4 cyrus-sasl-md5-2.1.22-4 To be clear, all this will do is validate that ldap+sasl is working ok, so do any of the other samples for sasl work (im used to the src build where the test stuff is under 'sample'). -----Original Message----- From: Shelley Waltz [mailto:shwaltz@xxxxxxxxxxxxxxxx] Sent: Monday, November 26, 2007 12:26 PM To: cyrus-sasl@xxxxxxxxxxxxxxxxxxxx; Chapman, Kyle Subject: RE: LDAP auth failure [root@roadrunner openldap]# rpm -qa|grep sasl cyrus-sasl-lib-2.1.22-4 cyrus-sasl-2.1.22-4 cyrus-sasl-devel-2.1.22-4 cyrus-sasl-plain-2.1.22-4 I mentioned that the md5 password for the rootdn does indeed work in my "luma" ldap browser/editor as well with ldapsearch non-anonymously. On Mon, 26 Nov 2007, Chapman, Kyle wrote: Is the digest-md5 or other sasl mechs installed (some distros did the mechs as sep rpms, don't recall what RH did)? Can you do any sasl binds with ldapsearch with the dn of: cn=waltz_shelley,dc=cabm.rutgers,dc=edu NOTICE: This E-mail may contain confidential information. If you are not the addressee or the intended recipient please do not read this E-mail and please immediately delete this e-mail message and any attachments from your workstation or network mail system. If you are the addressee or the intended recipient and you save or print a copy of this E-mail, please place it in an appropriate file, depending on whether confidential information is contained in the message.
