ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
Dan White
dwhite at olp.net
Fri Aug 15 21:39:02 EDT 2008
Chavez, James R. wrote:
> Hello all,
> I am trying to run an ldapwhami on a client box and I receive this
> message.
> #ldapwhoami
> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
> additional info: SASL(-4): no mechanism available: No worthy
> mechs found.
>
> On my LDAP server I get the correct messages such as..
>
> # ldapwhoami
> SASL/GSSAPI authentication started
> SASL username: firs_last at TEST.EXAMPLE.COM
> SASL SSF: 56
> SASL installing layers
> dn:uid=first_last,cn=gssapi,cn=auth
> Result: Success (0)
>
>
>
> I have read the Cyrus-SASL Administartor's guide but I must admit I am a
> bit lost. How can I make the CYRUS GSSAPI work between client and
> server. Do I need to set the SASL_MECH somewhere? If so where?
>
You may be missing the GSSAPI mechanism on your client system.
To verify, try running 'pluginviewer'. If you don't see GSSAPI listed,
you're probably missing the shared library, or don't have it installed
correctly.
To force the openldap client tools to use a specific mechanism, use the
'-Y' command line option:
ldapwhoami -Y GSSAPI
To verify that the server is making the GSSAPI mechanism available (over
the transport you're using), try:
ldapsearch -x -H -LLL -s "base" -b "" supportedSASLMechanisms
- Dan
More information about the Cyrus-sasl
mailing list