[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL/Kerberos V4 & openldap





--On Thursday, October 31, 2002 11:23 AM -0800 "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:

It's likely a similar issue.  Try requesting no security
layers (as local/remote IPs are needed for this).

Kurt,

Indeed, doing an ldapsearch with -Omaxssf=0, the ldapsearch is successful.

It also works if I use -Omaxssf=2, and -Omaxssf=4 (all described in RFC2222 at http://www.ietf.org/rfc/rfc2222.txt).


From this page:

http://www.hut.fi/cc/docs/kerberos/nss_ldap.html

it seems that Openldap is not using the negotiated SASL buffer size correctly.

--Quanah

--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html