https://bugs.winehq.org/show_bug.cgi?id=50572 Bug ID: 50572 Summary: LDAP_AUTH_NEGOTIATE login fails as authorization user is used instead of authentication user Product: Wine Version: 6.0 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: wldap32 Assignee: wine-bugs(a)winehq.org Reporter: damjan.jov(a)gmail.com Distribution: --- In the "ldapsearch" command line tool, "-X" is the authorization user and "-U" is the authentication user. For a server using LDAP_AUTH_NEGOTIATE, it must have the authentication user - supplying only the authorization user always fails: $ ldapsearch -h HOSTNAME -v -X USERNAME -W ldap_initialize( ldap://HOSTNAME ) Enter LDAP Password: SASL/DIGEST-MD5 authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) <===================== additional info: 8009030C: LdapErr: DSID-0C09055F, comment: AcceptSecurityContext error, data 52e, v23f0 Changing the "-X" to "-U", it successfully logs in. If both "-X" and "-U" are present, it also successfully logs in. In dlls/wldap32/bind.c, in the callback function sasl_interact(), Wine supplies its username to SASL_CB_USER which is like "-X", so login always fails the same way. If I change it to supply the username to SASL_CB_AUTHNAME (like "-U"), login succeeds. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.