[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
SASL EXTERNAL
Hi,
has anybody been able to successfully use LDAPS with SASL EXTERNAL? I do
get slapd to accept a client cert and report its availabitlity:
ldapsearch -x -H ldaps://server -s base -b "" \*
supportedsaslmechanisms
dn:
objectClass: top
objectClass: OpenLDAProotDSE
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: EXTERNAL
However,
ldapsearch -Y EXTERNAL ldaps://server -s base -b ""
leads to
ldap_sasl_interactive_bind_s: Unknown authentication method
Using ldapsearch from the Netscape SDK 4.1 gives a
ldap_sasl_bind: SASL bind in progress
(Probably because OpenLDAP responds with a BindResponse with
serverSaslCreds of length 0.)
--
Norbert Klasen
DFN Directory Services tel: +49 7071 29 70335
ZDV, Universität Tübingen fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de
Germany norbert.klasen@zdv.uni-tuebingen.de