Chavez, James R. wrote:
Hello all,
I am trying to run an ldapwhami on a client box and I receive this
message.
#ldapwhoami
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: No worthy
mechs found.
On my LDAP server I get the correct messages such as..
# ldapwhoami
SASL/GSSAPI authentication started
SASL username: firs_last@xxxxxxxxxxxxxxxx
SASL SSF: 56
SASL installing layers
dn:uid=first_last,cn=gssapi,cn=auth
Result: Success (0)
I have read the Cyrus-SASL Administartor's guide but I must admit I am a
bit lost. How can I make the CYRUS GSSAPI work between client and
server. Do I need to set the SASL_MECH somewhere? If so where?
You may be missing the GSSAPI mechanism on your client system.
To verify, try running 'pluginviewer'. If you don't see GSSAPI listed,
you're probably missing the shared library, or don't have it installed
correctly.
To force the openldap client tools to use a specific mechanism, use the
'-Y' command line option:
ldapwhoami -Y GSSAPI
To verify that the server is making the GSSAPI mechanism available (over
the transport you're using), try:
ldapsearch -x -H -LLL -s "base" -b "" supportedSASLMechanisms
- Dan
