[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: secure auth newbie Q

To: Krajcsovits Gyorgy <gyorgy.krajcsovits@wit.mht.bme.hu>
Subject: Re: secure auth newbie Q
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 11 Oct 2000 13:20:12 -0700
Cc: OpenLDAP list <openldap-general@OpenLDAP.org>
In-reply-to: <Pine.LNX.4.02.10010111355580.16251-100000@wit.wit.mht.bme. hu>

At 02:15 PM 10/11/00 +0200, Krajcsovits Gyorgy wrote:
> I've set up a Linux/OpenLDAP server and a Solaris 2.8/native
>client following  Igor Brezak's advice (found in archives).
>However it doesn't use any secure authentication yet.

OpenLDAP 2.0 supports the mandatory-to-implement LDAPv3
"secure" authentication method (SASL/DIGEST-MD5) detailed
in RFC 2829.

> I'd welcome some pointers about configuring the OpenLDAP server to
>use SASL, and also whether it is possible to secure not only
>the authentication but the data transfer too...

OpenLDAP 2.0 SASL support provides security layers when an
appropriate mechanism is chosen (such as DIGEST-MD5).  OpenLDAP
2.0 also supports the Start TLS (RFC 2830) extension.

For information on how to make use of OpenLDAP's
SASL and/or TLS support, see the openldap-software mailing list
archives and post any follow-up openldap specific questions to
the software mailing list.

Kurt

Prev by Date: Referral & Alias
Next by Date: Re: keywords
Index(es):
- Chronological
- Thread