Postfix, SASL and LDAPDB: no worthy mech found
Dieter Kluenter
dieter at dkluenter.de
Sun May 23 07:40:24 EDT 2010
Julien Vehent <julien at linuxwall.info> writes:
> On Fri, 21 May 2010 15:52:40 +0200, "Dieter Kluenter"
> <dieter at dkluenter.de> wrote:
>>
>> try ldapsearch -x -H ldap://<host> -b "" -s base
>> suppportedSASLMechanisms
>> Mostlikely SASL PLAIN mechanism is not available.
>> Because OpenLDAP only supports PLAIN in a protected network
>> environment, that is either TLS or ldapi
>>
>
> Your command doesn't seem to work, but the following one is:
Why not, what is the error?
>
> # ldapsearch -b "" -s base + -Z -U postfix
Here you initialize startTLS, as this is a secure session, all
available SASL Mechanisms are shown. The main purpose is to debug
ldapdb, so please connect to the directory the way ldapdb is
configured to operate. It doesn't make sense to run startTLS and a
DIGEST-MD5 authentication, if ldapdb only uses PLAIN and no
startTLS.
-Dieter
--
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
More information about the Cyrus-sasl
mailing list