Thursday, 27 August 2009
Error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)" on a LDAPSearch command ...
Whilst building my mega Connections / Domino / Portal / Quickr / Sametime / WCM environment recently, I was using the LDAPSearch command that's available with many Unix installations, including Red Hat Enterprise Linux and Apple OSX.
This is a commonly-used command, and has a fairly simple syntax e.g.
ldapsearch -h hostname.domain.com cn=foobar
ldapsearch -h hostname.domain.com -b o=organisation cn=foobar
ldapsearch -h hostname.domain.com -b o=organisation -D cn=admin -w password cn=foobar
However, I kept seeing the error: -
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:
After a quick Google search, it appears that that the LDAPSearch command that I was using is based upon the OpenLDAP product, which defaults to using an authentication mechanism called Simple Authentication and Security Layer (SASL).
Therefore, the LDAPSearch command was expecting to find a SASL-enabled server at the other end - given that I wasn't using OpenLDAP as a server ( I was actually using Domino LDAP ), the trick was to disable the SASL authentication on the client, using the -X switch e.g.
ldapsearch -x -h hostname.domain.com cn=foobar
ldapsearch -x -h hostname.domain.com -b o=organisation -D cn=admin -w password cn=foobar
Thanks to this blog post for the answer.
Subscribe to Posts [Atom]