I found my mistakes... In slapd.conf I forgot:
sasl-realm va.elysium-os.nl sasl-host eosdeb40.va.elysium-os.nl And the ACL has to start with uid= not cn= access to * by dn="uid=emgadmin/admin,cn=va.elysium-os.nl,cn=gssapi,cn=auth" write by * read This has the result eosdeb40:~/ldap# ldapadd -H ldap://127.0.0.1/ -f people.va.elysium-os.nl.ldif SASL/GSSAPI authentication started SASL username: emgadmin/[EMAIL PROTECTED] SASL SSF: 56 SASL installing layers adding new entry "ou=people,dc=va,dc=elysium-os,dc=nl" I still find it strange that the SASL authentication looked just fine when it all went totally wrong. Thanks anyway for the help with kind regards, Marcel --- You are currently subscribed to [EMAIL PROTECTED] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.