ODSEE - GSSAPI Authentication Against a Kerberos Provider Using 'ldapsearch' Gives Error 'Unknown authentication method'
(Doc ID 1981431.1)
Last updated on JUNE 03, 2024
Applies to:
Oracle Directory Server Enterprise Edition - Version 11.1.1.7.0 to 11.1.1.7.2 [Release 11gR1]Information in this document applies to any platform.
Symptoms
On : 11.1.1.7.0 version while trying to authenticate against a Kerberos provider using GSSAPI with these documents,
Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Server Enterprise Edition
11g Release 1 (11.1.1.7.0)
Part Number E28972-01
5 Directory Server Security
5.5.2.3.12 Directory Server Machine: Configure the Directory Server to Enable GSSAPI:
and Oracle knowledge article,
"Configuring SASL/GSSAPI Authentication Against a Kerberos Provider in Oracle Directory Server Enterprise Edition (Doc ID 1364537.1)"
Running ldapsearch returns the following error:
# cd /ldap/dsrk/bin
# date ; ./ldapsearch -v -p <LDAP_PORT> -o mech=GSSAPI -o authzid="<kerberos-test>@<DOMAIN_NAME>" -h localhost -b dc=<SUFFIX_DN> uid=<kerberos-test> dn
jue feb 12 16:52:39 EST 2015
bin_ldapsearch: started Thu Feb 12 16:52:39 2015
ldap_init( localhost, 389 )
ldap_sasl_interactive_bind_s: Unknown authentication method
Oracle Directory Server access log just shows the following,
[12/Feb/2015:16:52:39 -0500] <.....> op=-1 msgId=-1 - fd=18 slot=18 LDAP connection from <IP> to <IP>
[12/Feb/2015:16:52:39 -0500] <.....> op=0 msgId=1 - UNBIND
[12/Feb/2015:16:52:39 -0500] <.....> op=0 msgId=-1 - closing from <IP> - U1 - Connection closed by unbind client -
[12/Feb/2015:16:52:40 -0500] <.....> op=-1 msgId=-1 - closed.
# uname -a
Linux <hostname> 2.6.32-494.el6.x86_64 #1 SMP Tue Jul 29 02:00:14 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |