Hi Michele,
On 02/19/2013 11:31 AM, Michele wrote:
Ok I've tried that and my AD server supports all mechanism you listed above.
The problem is that I'm compiling a client application and I'd like
to use GSSAPI mechanism, but when I compile OpenLDAP I'm not sure if
it is compiling also the GSSAPI stuff.
It should include it if you have the cyrus-sasl-devel RPM installed and
assuming the client has the proper Makefile stuff to include it and link
to it. You can verify the client binary with the ldd command. Example
output:
$ ldd /usr/local/bin/ldapsearch | egrep -i 'sasl|gssapi'
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00000031fac00000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2
> Also when I try to connect my
client to my AD server it says that no mechanism are available.
Thanks
I don't know much about AD but supporting a mechanism and actually
offering may be two different things. Is GSSAPI actually enabled?
On the client side make sure that you have the cyrus-sasl-gssapi and
krb5-libs RPMs installed.
Regards,
Patrick
