Dan White wrote: > On 15/05/11 17:59 +0430, Mohammad D wrote: >> I have installed openldap 2.4.23 on windows server 2003. when I run this >> query on ldapsearch: >> ldapsearch -h directory.verisign.com -b "cn=<*>" "(o=*)" >> "certificaterevocationlist" >> I get the following error: >> SASL/EXTERNAL authentication started >> ldap_sasl_interactive_bind_s: Unknown authentication method (-6) >> additional info: SASL(-4): no mechanism available: >> >> I installed MIT kerberos but it did not solve the problem. >> any one know whats the issue and how can it be solved? > > Did you build cyrus sasl with GSSAPI support?
Dan, why do you ask for GSSAPI? I guess the original poster just wants to use command-line option -x for simple anonymous bind. Also the search base (-b) seems to be wrong. It should be -b "" for an empty search base. I doubt that this will work anyway. Playing around with ldap://directory.verisign.com it returns Server is unwilling to perform: Presence filter is unsupported when searching with filter (o=*). Frankly I don't know whether this server is usable anymore for anything one would consider useful. That's the reason I removed it from the default select list in web2ldap's demo server. Side note: Verisign publishes its CRLs via HTTP: http://crl.verisign.com/ Ciao, Michael.
