В Wed, 23 Jun 2010 20:57:10 +0400
Alexander Gordeev пишет:
> On Wed, 23 Jun 2010 16:33:17 +0200
> Sumit Bose wrote:
>
> > This message is generated if there is not matching SASL mech entry
> > ('gssapi' in your case) in the 'supportedSASLMechanisms' of the
> > rootdse. Can you check if your cli
supportedSASLMechanisms is an operational attribute so it's not returned
by openldap if not told explicitly. This change adds an explicit request
for this attribute.
Signed-off-by: Alexander Gordeev
---
src/providers/ldap/sdap_async.c |6 +-
1 files changed, 5 insertions(+), 1 deletions(
supportedSASLMechanisms is an operational attribute so it's not returned
by openldap if not told explicitly. This change adds an explicit request
for this attribute.
Signed-off-by: Alexander Gordeev
---
src/providers/ldap/sdap_async.c |6 +-
1 files changed, 5 insertions(+), 1 deletions(
On Wed, 23 Jun 2010 16:33:17 +0200
Sumit Bose wrote:
> This message is generated if there is not matching SASL mech entry
> ('gssapi' in your case) in the 'supportedSASLMechanisms' of the rootdse.
> Can you check if your client can read the rootdse and if you can find
> the gssapi entry there?
T
On Wed, Jun 23, 2010 at 06:02:24PM +0400, Alexander Gordeev wrote:
> On Wed, 23 Jun 2010 09:35:42 -0400
> Stephen Gallagher wrote:
>
> > I don't think we ever tested GSSAPI over LDAPS. I'm not sure if that
> > works. Can you try over straight LDAP? The GSSAPI SASL mechanism
> > provides an encryp
Alexander Gordeev wrote:
> On Wed, 23 Jun 2010 09:35:42 -0400
> Stephen Gallagher wrote:
>
>
>> I don't think we ever tested GSSAPI over LDAPS. I'm not sure if that
>> works. Can you try over straight LDAP? The GSSAPI SASL mechanism
>> provides an encrypted tunnel, so LDAPS would be overkill as
On Wed, 23 Jun 2010 09:35:42 -0400
Stephen Gallagher wrote:
> I don't think we ever tested GSSAPI over LDAPS. I'm not sure if that
> works. Can you try over straight LDAP? The GSSAPI SASL mechanism
> provides an encrypted tunnel, so LDAPS would be overkill as well.
>
> If that works, please file
I don't think we ever tested GSSAPI over LDAPS. I'm not sure if that
works. Can you try over straight LDAP? The GSSAPI SASL mechanism
provides an encrypted tunnel, so LDAPS would be overkill as well.
If that works, please file a bug at https://fedorahosted.org/sssd and
we'll look into fixing it to
Hi All!
Sorry if I've chosen the wrong place to write. If there is a better
place to ask for support, please tell me.
I have problems retrieving user and group data from ldap using sssd. I
use openldap as ldap server. The only allowed authentication mechanism
is GSSAPI. All other are turned off e
