* Lewis Thompson (purple@lewiz.info) wrote:
> ldapseach -D "uid=lewiz,ou=People,dc=lewiz,dc=org" -W
>
> fails with error 49 (auth error) when userPassword is set to
> {SASL}lewiz@LEWIZ.ORG. Is that what you meant?
>
> I then switched userPassword to ``abc123'' and it worked perfectly.
>
> I had troubles compiling OpenLDAP21 with --enable-kpasswd because of
> some odd FreeBSD-specific crypt issues (that I still haven't resolved).
> However, I /think/ that answers your question? If not, maybe I use the
> userPassword field in a different way in order to use SASL?
That does help answer my question, as does the information provided by
Howard. It sounds like it *could* be done by setting up slapd to use
saslauthd and configuring that to use GSSAPI. It seems rather involved
though and we may go back to compiling with --enable-kpasswd, though I
recall we may have disabled it because of problems compiling it too (and
lack of expected use..).
Thanks,
Stephen
Attachment:
pgpMwi9ddLjXz.pgp
Description: PGP signature