[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: krb5 support w/o SASL?

To: "Dave Snoopy" <kingsnoopy7@yahoo.com>, "openldap" <openldap-software@OpenLDAP.org>
Subject: RE: krb5 support w/o SASL?
From: "Howard Chu" <hyc@highlandsun.com>
Date: Wed, 22 May 2002 16:38:54 -0700
Importance: Normal
In-reply-to: <20020522231118.20184.qmail@web21203.mail.yahoo.com>

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Dave Snoopy

> Can the OpenLDAP client utilities be compiled to have
> kerberos5 support, without using SASL?

No. The SASL mechanism is the only defined way to use Kerberos with LDAP.

> SASL uses shared-object files which are dynamically
> loaded everytime I use an LDAP tool (e.g. ldapsearch).
> I'd like to move away from this, and just have
> Kerberos5 client support statically compiled into
> ldapsearch. 

Just out of curiosity - why? Security reasons? Performance? Doesn't
make a lot of sense...
> 
> Has anyone done this, or does anyone know how to?

Try configuring SASL "--with-staticsasl". This is not an OpenLDAP-related
question.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

References:
- krb5 support w/o SASL?
  - From: Dave Snoopy <kingsnoopy7@yahoo.com>

Prev by Date: krb5 support w/o SASL?
Next by Date: configure failure
Index(es):
- Chronological
- Thread