Re: kadmin: hdb_open: ldap_sasl_bind_s: Authentication method notsupported

[Howard Chu <hyc@highlandsun.com>]

fandino wrote:
> Hello,
> 
>  First of all I'm not sure if this something related to
> heimdal or it's a sasl or openldap issue, so please be
> patient with my question.
> 
>  I'm testing a new configuracion with heimdal and ldap
> as backend, heimdal (0.6.4) is compiled with ldap support
> (openldap 2.2.26), I think I setup everything correctly
> but at time that the realm is created this error is
> printed:
> 
> # kadmin -l
> kadmin> init FADESA.ES
> kadmin: hdb_open: ldap_sasl_bind_s: Authentication method not supported
> kadmin>
> 
>  bellow, you can see as the openldap server is contacted
> using the ldapi socket and the request is denied with the
> following message:
> 
> "SASL(-4): no mechanism available: "
> 
> please note I use recent versions for openldap and heimdal
> just to discard this old thread about a similar report:
> 
> http://www.stacken.kth.se/lists/heimdal-discuss/2004-08/msg00055.html
> 
>  anyone knows why heimdal is trying contact the openldap
> server using an EXTERNAL mech and anonymous bind???

That's just the way the Heimdal code is written. You didn't mention what 
  OS you're running on. Your system needs to support some form of 
credential passing over Unix domain sockets in order for this to work. 
The OpenLDAP code currently supports the original 4.3 BSD Unix domain 
socket semantics, current Linux versions, AIX, and Solaris/SVR4.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support