SASL - Active Directory from docker container - LdapOption.LDAP_OPT_X_SASL_NOCANON #110

Open
palvferenc opened this issue Jan 12, 2021 · 1 comment


Hi!

Currently I'm trying to make an LDAP query from an Ubuntu Docker container with your library.
Reverse DNS is not working from Docker in bridge network mode; I would like to solve this by disabling canonical DNS name checking for OpenLDAP.

I can successfully make an LDAP query from the container with ldap search; the authentication method is Digest.
To get a successful result I had to put "SASL_NOCANON on" in the /etc/ldap/ldap.conf file in the container.

So I can make a successful query with ldapsearch, but utilising your library from a .NET Core 3.1 app I get error results:

Invalid credentials. 80090303: LdapErr: DSID-0C09055A, comment: The digest-uri does not match any LDAP SPN's registered for this server., data 0, v23f0.

This is caused by an unsuccessful reverse DNS query. I checked the ldap search without the /etc/ldap/ldap.conf modification and had the same error result, and ldapsearch with debug also gives info about it.

In the documentation I found that it is possible to provide options for the native OpenLDAP library call in your library.

I'm trying to disable canonical check with the following:

connection.SetOption(LdapOption.LDAP_OPT_X_SASL_NOCANON,1);

I got the same error result when running the application from the container:

Invalid credentials. 80090303: LdapErr: DSID-0C09055A, comment: The digest-uri does not match any LDAP SPN's registered for this server., data 0, v23f0.

Thanks in advance,
Ferenc

Owner

flamencist commented Jan 12, 2021

Try to use the global option:

connection.SetOption(LdapOption.LDAP_OPT_X_SASL_NOCANON,1, true);
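
The name mismatch discussed in this thread, as an added diagnostic sketch that is not code from the issue, the library or OpenLDAP: it models, in simplified form, how the host part of the digest-uri differs with and without reverse-DNS canonicalization and compares the result against the SPNs registered for the server. The function names, host names, addresses and SPNs are constructed for illustration, and treating a failed reverse lookup as "no usable name" is an assumption of the model.

```python
import socket

def sasl_host(connect_host, nocanon, forward=socket.gethostbyname,
              reverse=lambda ip: socket.gethostbyaddr(ip)[0]):
    """Host name used for the digest-uri (simplified model, an assumption).

    nocanon=True  -> the name the application connected to, unchanged.
    nocanon=False -> the name a reverse lookup gives for the connected address,
                     or None when that lookup fails.
    """
    if nocanon:
        return connect_host
    try:
        return reverse(forward(connect_host))
    except OSError:          # socket.herror / socket.gaierror
        return None

def check_digest_uri(connect_host, spns, nocanon, **resolvers):
    """Return (digest_uri, matches_registered_spn)."""
    host = sasl_host(connect_host, nocanon, **resolvers)
    if host is None:
        return None, False
    uri = f"ldap/{host}"
    # SPN comparison is done case-insensitively here.
    return uri, uri.lower() in {s.lower() for s in spns}

# Constructed sample data, not taken from the issue.
SAMPLE_SPNS = ["ldap/dc01.corp.example", "ldap/DC01"]
SAMPLE_FORWARD = {"dc01.corp.example": "10.0.0.5"}.__getitem__

def no_ptr(ip):
    """Constructed resolver: the address has no PTR record."""
    raise socket.herror(1, "Unknown host")

def wrong_ptr(ip):
    """Constructed resolver: the PTR record names something else."""
    return "host-10-0-0-5.bridge.example"

if __name__ == "__main__":
    for label, rev in (("no PTR", no_ptr), ("wrong PTR", wrong_ptr)):
        for nocanon in (False, True):
            print(label, "nocanon=%s" % nocanon, check_digest_uri(
                "dc01.corp.example", SAMPLE_SPNS, nocanon,
                forward=SAMPLE_FORWARD, reverse=rev))
```

Calling `check_digest_uri` without the `forward` and `reverse` arguments uses the system resolver, so running it inside the container with the real server name and SPN list shows whether the reverse lookup there yields a name the directory knows.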
