[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL/Kerberos V4 & openldap

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: RE: SASL/Kerberos V4 & openldap
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Thu, 31 Oct 2002 14:15:44 -0800
Cc: Howard Chu <hyc@highlandsun.com>, openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <5.1.0.14.0.20021031112235.03807588@127.0.0.1>
References: <5.1.0.14.0.20021031083343.038e0a48@127.0.0.1> <026901c2809d$d9883b80$0e01a8c0@CELLO> <026901c2809d$d9883b80$0e01a8c0@CELLO> <5.1.0.14.0.20021031083343.038e0a48@127.0.0.1> <5.1.0.14.0.20021031112235.03807588@127.0.0.1>

--On Thursday, October 31, 2002 11:23 AM -0800 "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:

It's likely a similar issue.  Try requesting no security
layers (as local/remote IPs are needed for this).


Kurt,

Indeed, doing an ldapsearch with -Omaxssf=0, the ldapsearch is successful.

It also works if I use -Omaxssf=2, and -Omaxssf=4 (all described in RFC2222 at http://www.ietf.org/rfc/rfc2222.txt).

From this page:


http://www.hut.fi/cc/docs/kerberos/nss_ldap.html

it seems that Openldap is not using the negotiated SASL buffer size correctly.

--Quanah

--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Follow-Ups:
- RE: SASL/Kerberos V4 & openldap
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- RE: SASL/Kerberos V4 & openldap
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- RE: SASL/Kerberos V4 & openldap
  - From: "Howard Chu" <hyc@highlandsun.com>
- RE: SASL/Kerberos V4 & openldap
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: URI Directive in slapd.conf doesn't seem to work
Next by Date: RE: SASL/Kerberos V4 & openldap
Index(es):
- Chronological
- Thread