ldapsearch on Mac OS
By gc on Apr 11, 2009
MacBook comes with a ldapsearch command under /usr/bin. However I could not use it to search on either Sun Directory Server 5.x/6.x or OpenDS 1.x.
Running against Sun DS 5.x/6.x prints error
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:
while OpenDS shows a different message
ldapsearch ldap_sasl_interactive_bind_s: Server is unwilling to perform (53)
additional info: Rejecting the requested operation because the connection has not been authenticated
An option '-x' to use simple authentication instead of SASL is required to get the command working. This option is also available on ldapsearch of Solaris, but with a totally different meaning. Actually SASL itself means Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. I guess option '-x' means real simple authentication without security.
I don't want to mess up my experience of ldapsearch. I decided to install OpenDS on my MacBook and replace the /usr/bin/ldapsearch with the one bundled in OpenDS. To download OpenDS, you can go to Apple Download Site or https://opends.dev.java.net/public/downloads_index.html.