[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Default authentication method



Norbert Klasen wrote:
> 
> --On Donnerstag, 8. November 2001 11:22 +0100 Sven Eisenhauer
> <sven.eisenhauer@danet.de> wrote:
> 
> > I am trying to use the postfix  MTA with open-ldap-client-2 package from
> > SuSE  7.3 professional.
> > But I rushed into a problem:
> > When I use ldapsearch, I have to pass additional parameters: "-x -P 2" to
> > get  results. But postfix cannot do this or yet I have not found out how
> > it could. When I use ldapsearch without this parameters I always get:
> >
> > ldap_sasl_interactive_bind_s: Unknown authentication method
> 
> By default ldapsearch tries to read the supportedSASLMechanisms from the
> servers rootDSE. Since this is only supported in LDAPv3 you get the above
> mentioned error.
> 
> > Because of this, I think postfix also has a bind problem.
> > So my question is:
> > Can I set a system wide default, that ldap client libs and all
> > applications  always use simple authentication and protocol version 2?
> 
> see man 5 ldap.conf, but I doubt postfix takes it into account. You should
> take a look at the servers logfile to see how postfix attempts to connect.

I am just facing a similar problem: We have an "old" LDAP-Server
running (not capable of any other than basic authentication). So I'm
reading ldap.conf to see how to stop any client from sending
authentification requests using SASL. 
So, there's SASL_SECPROPS .....
But what do have to fill in to keep it authenticating the basic way? 

Thanks in advance

> 
> --
> Norbert Klasen
> DAASI International GmbH                 phone: +49 7071 29 70336
> Wilhelmstr. 106                          fax:   +49 7071 29 5114
> 72074 Tübingen                           email: norbert.klasen@daasi.de
> Germany                                  web:   http://www.daasi.de