[Bug 50545] AD Explorer fails to connect

[WineHQ Bugzilla]

https://bugs.winehq.org/show_bug.cgi?id=50545

--- Comment #27 from Dmitry Timoshkov <dmitry at baikal.ru> ---
(In reply to Hans Leidekker from comment #26)
> (In reply to Damjan Jovanovic from comment #24)
> > (In reply to Hans Leidekker from comment #23)
> > 
> > > This may also depend on the authentication scheme.
> > 
> > How are we supposed to know the authentication scheme?
> 
> We don't know because we're letting the client and server negotiate the
> scheme. We could iterate over a known list instead.
> 
> I did some testing and it turns out that both GSSAPI and GSS-SPNEGO call
> SASL_CB_USER, but successful authentication depends on this callback
> returning an error. DIGEST-MD5 also calls this one, followed by
> SASL_CB_AUTHNAME and SASL_CB_PASS.
> 
> SASL_CB_USER appears to be used for supplying a proxy username, which is not
> supported by all schemes.

It works here with my username and a Kerberos ticket (0x4001 - SASL_CB_USER):

0024:trace:adsldp:openobj_OpenDSObject
0019975C,L"LDAP://xxx.yyy.zzz/rootDSE",L"user",001997FC,00000021,0031C1E0
0024:trace:adsldp:openobj_OpenDSObject host L"xxx.yyy.zzz", port 0, object
L"rootDSE"
0024:trace:wldap32:ldap_initW (L"xxx.yyy.zzz", 0)
0024:trace:wldap32:ldap_set_optionW (0x19a5a8, 0x00000011, 0x31bd60)
0024:trace:wldap32:ldap_connect (0x19a5a8, (nil))
0024:trace:wldap32:ldap_bind_sW (0x19a5a8, (null), 0x31bd70, 0x00000486)
0024:trace:wldap32:sasl_interact 0x7d78f320,00000002,0x31bbd8,0x7d792600
0024:trace:wldap32:sasl_interact sasl->id = 4001
0024:trace:wldap32:ldap_search_sW (0x19a5a8, (null), 0x00000000,
L"(objectClass=*)", 0x31bd28, 0x00000000, 0x31bd14)
0024:trace:wldap32:WLDAP32_ldap_first_entry (0x19a5a8, 0x7d784d00)
0024:trace:wldap32:ldap_get_valuesW (0x19a5a8, 0x7d784d00,
L"subschemaSubentry")

It's a snippet of the log running AD Explorer.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.