[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: cmusaslsecretPLAIN attribute
John Burian <john@burian.org> writes:
> Dieter Kluenter wrote:
>> From your remarks on CA and certificate a assume that you want to use
>> TLS, while your ldapwhoami seems to indicate that you want to make use
>> of PLAIN mechanism, which is disabled by default, unless you
>> provide a secure transport method, that is either TLS or local socket.
>> Unless you provide more information on the parameters used, no advice
>> can be given.
>>
>> -Dieter
>>
>>
> Correct, I want to be using SASL/PLAIN over TLS. The following works:
>
> $ ldapwhoami -x -W -D 'uid=burianj,ou=people,dc=cqcb'
> Enter LDAP Password:
> dn:uid=burianj,ou=People,dc=cqcb
> Result: Success (0)
[...]
Just another method to authenticate, while using TLS, is to create a
proper user certificate an validiate this by
$ ldapwhoami -Y external -ZZ -H ldap://localhost
-Dieter
[1]
Footnotes:
[1] Yes, I have a correct certificate which is defined in ~/.ldaprc
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6