[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: krb5PrincipalName and userPassword



Turbo Fredriksson wrote:
"Howard" == Howard Chu <hyc@symas.com> writes:

>> So what's the point of having {SASL} in the userPassword then?

    Howard> No one ever said there was any point to it. Why are you
    Howard> using it if you don't understand what it's for?

I have no idea. It's been YEARS since I was 'taught' (?) to use it...
I sat up 1.3.something-low (or was even earlier than that!?) and I
haven't read a manual/doc about this in years... I've just taken my
old db/config and did the absolutly nessesary changes to get it to
work...

I don't know what planet you've been living on, but the last 1.x release of OpenLDAP was 1.2, there was no 1.3. And between 1.x and 2.3 huge volumes of new documentation have been written. You can operate with obsolete knowledge if you like, but it's smarter to read the docs that match the software revision you're working with.


Was {KERBEROS} required in userPassword?

Nothing is ever *required* in userPassword. Different things *may* be set in userPassword depending on what you want to accomplish.


Pretty sure I explained this to you several years ago. I won't bother to go thru it again.

http://www.openldap.org/lists/openldap-software/200206/msg00334.html

    Howard> From the sound of it, yes, the SASL regexp worked as it
    Howard> should.

Oki, that looked reasonble and the only conclution I could draw
from my experience..

But I'd _really_ like an explanation of the {SASL} 'thingie'...

-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/