[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP v3 and Referrals

To: <openLDAP-software@OpenLDAP.org>
Subject: Re: OpenLDAP v3 and Referrals
From: "Christophe Chaloin" <chris@chaloin.dyndns.org>
Date: Wed, 21 Aug 2002 02:41:10 +0200
References: <3D61F918.8994.124C94@localhost>

Hi,

Chaging the suffix doesn't work better.

the answer is in a great document i found here :
ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf 

with LDAPv3, clients using simple or "plain text" bind can't chase referrals.

So i have to use OpenLDAP with a "strong" authentication mechanism.
As i don't really want to set up a complex SASL + kerberosV ... i have to use LDAPv2 :((

However, i'm asking if setting up "SASL+PAM" will be easier than SASL + kerberos
and if "SASL+PAM" bind method is sufficient to allow automatic chasing ...

Concerning the DEREF directive, you're right. This deals with ALIAS and not REFERRALS.


Thanks,
Christophe Chaloin

> > 
> > slapd.conf file looks like this on each server :
> 
> I think the suffix for server B should be:
> 
> suffix: o=subtree,o=top
> 
> ---
> 
> Another question:
> 
> DEREF always 
> only has to do with aliases, and NOT with referrals, is my 
> understanding correct ?
> 
> Thanks,
> ace

References:
- Re: OpenLDAP v3 and Referrals
  - From: "Ace Suares" <ace@suares.com>

Prev by Date: Re: saslRegexp
Next by Date: Re: saslRegexp
Index(es):
- Chronological
- Thread