[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Support of Kerberos V5 safe and private messages for LDAP

To: Abhinav Ratna <abhi_ldap@yahoo.com>, OpenLDAP-software@OpenLDAP.org
Subject: Re: Support of Kerberos V5 safe and private messages for LDAP
From: Norbert Klasen <norbert.klasen@daasi.de>
Date: Fri, 08 Feb 2002 14:59:27 +0100
Content-disposition: inline
In-reply-to: <20020208115923.13505.qmail@web14605.mail.yahoo.com>
References: <20020208115923.13505.qmail@web14605.mail.yahoo.com>

--On Freitag, 8. Februar 2002 03:59 -0800 Abhinav Ratna <abhi_ldap@yahoo.com> wrote:

 Basically i  plan to write a client that presents a
kerberos ticket to the LDAP server and after mutual
authentication between the LDAP server and itself,
does an encrypted message exchange with the server and
thus the LDAP server ( directly or through GSSAPI )
also need to send encrypted messages to the client.

If you're using the OpenLDAP client libraries and don't set SASL_SECPROPS maxssf < 56, a security layer, ie. an encrypted message exchange, will automatically be setup. (Works with OpenLDAP Servers and also Microsoft Active Directory).

--
Norbert Klasen, Dipl.-Inform.
DAASI International GmbH                 phone: +49 7071 29 70336
Wilhelmstr. 106                          fax:   +49 7071 29 5114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de

References:
- Re: Support of Kerberos V5 safe and private messages for LDAP
  - From: Abhinav Ratna <abhi_ldap@yahoo.com>

Prev by Date: Re: SASL and PAM based password changing
Next by Date: Re: Support of Kerberos V5 safe and private messages for LDAP
Index(es):
- Chronological
- Thread