[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.1 Released

To: <openldap-software@OpenLDAP.org>
Subject: Re: OpenLDAP 2.1 Released
From: Allan Streib <astreib@indiana.edu>
Date: Fri, 14 Jun 2002 09:26:52 -0500
In-reply-to: <NMEFLNHODBAOPDKNNJALIEOBDAAA.hyc@highlandsun.com> ("Howard Chu"'s message of "Fri, 14 Jun 2002 01:06:02 -0700")
References: <NMEFLNHODBAOPDKNNJALIEOBDAAA.hyc@highlandsun.com>
User-agent: Gnus/5.090006 (Oort Gnus v0.06) Emacs/21.1 (powerpc-apple-darwin)

Regarding {KERBEROS}user@REALM as the userPassword value, 

"Howard Chu" <hyc@highlandsun.com> writes:

> I don't know why anyone would use it. I think it may be a holdover from
> Kerberos IV support in the original UMich distribution, before SASL support
> existed. At any rate, it has always been a bad idea.

While SASL/GSSAPI is clearly preferable, one would use it if one had to
suport LDAP clients that could not do SASL/GSSAPI, but still wanted to use
Kerberos to handle the authentication.

Allan

References:
- RE: OpenLDAP 2.1 Released
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: newbie Question
Next by Date: are alias working under openldap 2.0.14?
Index(es):
- Chronological
- Thread