[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Basic SASL setup instructions
Yes, Outlook 98 has no problem connecting with SSL and bind DN and bind PW.
I've been running a bunch of tests and logs against Outlook and Netscape.
Netscape
even fails against the s_server command in the openssl tools. I keep getting
"alert
read:fatal:bad certificate" right after the server finishes writing its
certificate.
The error occurs regardless of whether the server expects a client cert or
not. It
just doesn't like Netscape's response. Ordinarily the client should just
send a
key exchange negotiation message if it's not going to send a client cert.
Netscape
sends something else, I haven't decoded it yet.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
> -----Original Message-----
> From: Jim Hud [mailto:jdhz@btinternet.com]
> Sent: Wednesday, October 18, 2000 6:27 AM
> To: Howard Chu; Villy Kruse; openldap-software@OpenLDAP.org
> Subject: Re: Basic SASL setup instructions
>
>
> Someone suggested that Secure Password Authentication is NTLM which is
> consistent because the method OE tries to use (137) is the same as an
> earlier post complained of re ADSI.
>
> Have you actually used Outlook 98 with SSL and Login? All other
> combinations are OK in OE.
>
> ----- Original Message -----
> From: "Howard Chu" <hyc@highlandsun.com>
> To: "Villy Kruse" <vek@pharmapartners.nl>;
> <openldap-software@OpenLDAP.org>
> Sent: Wednesday, October 18, 2000 1:58 PM
> Subject: RE: Basic SASL setup instructions
>
>
> > For what it's worth, I've had no trouble connecting with Outlook 98. It
> > connects successfully to slapd with or without SSL/TLS, and has
> no trouble
> > searching for names and such. It doesn't seem to know about SASL, and I
> too
> > am curious about what Microsoft means by Secure Password Authentication.
> >
> > Note that Outlook behaves a little differently, you can enter a bind DN
> and
> > password in the configuration, so it just binds once, performs a search,
> and
> > then unbinds. Netscape binds anonymously to search for your
> bind DN (based
> > on email address, by default), then tries to rebind as you to
> perform the
> > desired search.
> >
> > -- Howard Chu
> > Chief Architect, Symas Corp. Director, Highland Sun
> > http://www.symas.com http://highlandsun.com/hyc
> >
> > > -----Original Message-----
> > > From: owner-openldap-software@OpenLDAP.org
> > > [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Villy Kruse
> >
> > > On Wed, 18 Oct 2000, Jim Hud wrote:
> > > > I am sure you know better than me, I was jumping to
> > > conclusions. I thought
> > > > SASL allowed different mechanisms and assumed that one of them
> > > was supported
> > > > by Netscape and Microsoft clients, what does MS Outlook Express
> > > mean by "Log
> > > > on using secure password authentication"? It is separate from SSL
> where
> > > > Outlook Express crashes anyway.
> >
> > > Which OE version?
> >
> > > Villy
> >
> >
> >
>