Comment 8 for bug 1987992

I need further advice how to proceed in fixing this issue.

Upstream has a strong focus on backward compatibility and support of different LDAP implementations. Checks during configure (build) time seem to preferred over runtime checks. This strategy conflicts with Ubuntu packaging strategy for Cyrus SASL packages.

Currently followed strategy for fixing this issue is to add libsasl2-modules-gssapi-mit to autofs build dependencies. This automatically adds libsasl2-modules and we have most of the SASL mechanims available at build time. A configure message informs users about the detected mechanims.

On the other hand SCRAM family authentication mechanisms should be provided as part of the shared secret SASL authentication package (libsasl2-modules). See bug #1988730. This is required to allow Heimdal GSSAPI and SCRAM on clients. In this case, provided patch would just need to add libsasl2-modules to autofs build dependencies.

But still Cyrus SASL packaging in Ubuntu makes it very difficult to check and print all (installable) SASL bind/authentication mechanims on a server/workstation during build time.

Any ideas how to solve this hen and egg issue?