[Pkg-openldap-devel] Bug#492359: ldap-utils: ldapsearch fails to connect to MS AD with user certificate

Stefan Pietsch stefan.pietsch at lsexperts.de
Fri Jul 25 15:16:08 UTC 2008


Package: ldap-utils
Version: 2.4.10-2+lenny1
Severity: normal


lenny ldapsearch cannot connect to MS AD with a user certificate using this command:

# ldapsearch -H ldap://192.168.x.x -Y EXTERNAL -Z
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)


ldaprc:
TLS_CERT        ./pietsch.pem
TLS_KEY         ./privkey.pem
TLS_REQCERT     never



This configuration works on etch!

libldap installed on etch:
ii  libldap-2.3-0           2.3.30-5+etch1   OpenLDAP libraries

libldap-2.3-0
  Depends: libc6
  Depends: libsasl2-2
  Depends: libssl0.9.8
  Depends: libldap2


-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ldap-utils depends on:
ii  libc6                    2.7-10          GNU C Library: Shared libraries
ii  libgnutls26              2.4.1-1         the GNU TLS library - runtime libr
ii  libldap-2.4-2            2.4.10-2+lenny1 OpenLDAP libraries
ii  libsasl2-2               2.1.22.dfsg1-21 Cyrus SASL - authentication abstra

Versions of packages ldap-utils recommends:
ii  libsasl2-modules         2.1.22.dfsg1-21 Cyrus SASL - pluggable authenticat

ldap-utils suggests no packages.

-- debconf information excluded





More information about the Pkg-openldap-devel mailing list