[Date Prev][Date Next] [Chronological] [Thread] [Top]

Priority or restriction of SASL mechanisms



Hi, all!

Just got upgraded to 2.2 from 2.0.  I'm using the FC3 RPMs.  One
behavioral change from 2.0 (which were modified RH RPMs from a couple
years ago) is that when doing an ldapsearch, the default SASL mechanism
is now MD5, whereas before it was GSSAPI (which is what I desire).  If I
add '-Y GSSAPI' to the ldapsearch commandline, GSSAPI works gorgeous.

This seems a little strange since I haven't configured any MD5 mechanism
(is any required?), and don't run saslauthd.

I've hacked away the problem with an 'rpm -e --nodeps cyrus-sasl-md5'.
Kinda nasty (why does the RH openldap RPM even depend on that package,
anyway?).

Is there a way to restrict the list of SASL mechanisms or to put a
priority on them?  Thanks for any advice.

	John