The SASL authentication session factory uses the presence of an LDAP server in the startup flags to figure out if it should route PLAIN authentication attempts on $external to the native LDAP authentication code. However, if no LDAP server was set on startup, but one was specified dynamically via a setParameter, the factory will not realize that it can produce a native LDAP SASL session, and will incorrectly produce a CyrusSasl authentication session, which will try to use saslauthd which may not be configured.