what i am doing wrong here .. getting LDAP_STRONG_AUTH_NOT_SUPPORTED

[Durairaj Avasi]

When i bind like the following code.. i am getting
LDAP_STRONG_AUTH_NOT_SUPPORTED

if i connect with normal bind without Authen::SASL and $sasl i am
getting LDAP_STRONG_AUTH_REQUIRED error..

what i am doing wrong here... why this drives so grazy...

ldap gurus... help me out.

use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
use Authen::SASL;
use Net::LDAP::Util qw(ldap_error_name ldap_error_text);

sub lConnect {
my $server = shift;
print " the server name is $server\n";
my $ldap = Net::LDAP->new($server, port=> 389, version => 3);
print "=== The error is $@ <====\n";
return($ldap);
}

my $ldap = &lConnect('$myserver');
my $sasl = Authen::SASL->new(mechanism => 'CRAM-MD5',password =>
'Abcd1234$');
my $isBinded = $ldap->bind ('CN=Durairaj
Avasi,OU=ITDEV2,DC=webdurai,DC=com', sasl => $sasl, version => 3);
print "ERROR detected: -> ", ldap_error_name($isBinded->code), " ",
ldap_error_text($isBinded->code) if($isBinded->code);

 

[Bob Walton]

Durairaj Avasi wrote:

....

what i am doing wrong here... why this drives so grazy... ....


my $ldap = &lConnect('$myserver');

-----------------------^---------^

Well, one thing you are probably doing wrong is using ' to quote a
string you evidently want interpolated. Interpolation does not occur in
'-delimited strings, so you are attempting to connect to the server with
the literal name: $myserver . That probably isn't the real name of your
server. Remove the ' characters -- converting them to " would be a
useless use of "'s, which can actually be worse than it sounds (see:

perldoc -q quoting

).

You should probably also check the result

of your lConnect routine to see if it failed or not.

If it did fail, you'd never know. And with that
server name, it undoubtedly did fail. But I'm
surprised you didn't notice the bad server name in
the results of the print statement in lConnect.
You *did* provide us with copy/pasted code, right,
not a retyped version?


....

 

[Durairaj Avasi]

Durairaj Avasi wrote:

...

-----------------------^---------^

Well, one thing you are probably doing wrong is using ' to quote a
string you evidently want interpolated. Interpolation does not occur in
'-delimited strings, so you are attempting to connect to the server with
the literal name: $myserver . That probably isn't the real name of your
server. Remove the ' characters -- converting them to " would be a
useless use of "'s, which can actually be worse than it sounds (see:

perldoc -q quoting

).

You should probably also check the result

of your lConnect routine to see if it failed or not.

If it did fail, you'd never know. And with that
server name, it undoubtedly did fail. But I'm
surprised you didn't notice the bad server name in
the results of the print statement in lConnect.
You *did* provide us with copy/pasted code, right,
not a retyped version?


...

BOB

use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
use Authen::SASL;
use Net::LDAP::Util qw(ldap_error_name ldap_error_text);

sub lConnect {
my $server = shift;
print " the server name is $server\n";
my $ldap = Net::LDAP->new($server, port=> 389, version => 3);
print "=== The error is $@ <====\n";
return($ldap);
}

my $ldap = &lConnect('111.11.11.1');
my $sasl = Authen::SASL->new(mechanism => 'DIGEST-MD5', password
=>'xyzabc');
my $isBinded = $ldap->bind ('cn=durairaj
avasi,ou=itdev,dc=cow,dc=net', sasl => $sasl, version => 3);#
print "ERROR detected: -> ", ldap_error_name($isBinded->code), " ",
ldap_error_text($isBinded->code);

the above program returns the following::

ERROR detected: -> LDAP_INVALID_CREDENTIALS The wrong password was
supplied or t
he SASL credentials could not be processed

if do a normal bind like

$ldab->bind($mydn, password=>$password, version => 3);

( NOTE without SASL )

i am getting the following error

ERROR detected: -> LDAP_STRONG_AUTH_REQUIRED The server requires
authentication
be performed with a SASL mechanism


Tested with windows 2000 and windows xp getting the same error msg.