Unsupported SASL Mechanism

Log file message:

(Directory Server) SASL mechanism "..." is not supported by Directory Server.

Cause

Authentication Method = SASL is specified for a Authentication Services connection, but the specified SASL mechanism was not supported by the directory server.

Resolution

The SASL field of a directory server connection must be set to an SASL mechanism that is supported by the directory server.

To see the SASL mechanisms supported by a directory server:

From AD Explorer:

  1. Connect to the Active Directory.
  2. Right-click the Active Directory root, and select 'Properties...'.
  3. Select the 'RootDSE Attributes' tab.
  4. The supported SASL mechanisms for this Active Directory server are listed under the 'supportedSASLMechanisms' attribute.

MSDN:

  1. Determine the version of Microsoft Windows® Server.
  2. The supported SASL mechanisms are listed under in this MSDN article: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/a98c1f56-8246-4212-8c4e-d92da1a9563b.