[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL AD + SASL SCRAM

To: openldap-technical@openldap.org
Subject: SASL AD + SASL SCRAM
From: Pieter Baele <pieter.baele@gmail.com>
Date: Wed, 16 May 2012 11:47:49 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=bmiATapw18FJn7HnlyTqx8lUssK/OocEfCAeVUCa8Iw=; b=r/DfcNmdysRP+ODm2NmUczl8Lkixztxg9+z27Tk70EExIu3nVvzyUpGAikLSdtUWCJ Rbhccvi/Bw1bb+riPgSdi420ByzmT5WW4pT56oj4PmIvrge8dNLmixcxX7x2TocwBGaL ysJFwoRhXgoU9RILlU8Y3xk7dGWmxSoN9DfueG9cduYeHsH9WCYYg4oSTd3wrJo9zpuB K3PeKSx+SQ/eFtCMtmt+7Yj6YH7JrX9gby3sZkoNqW6uARqzQSPm6q1MB8W+0pO1NOAa jN9XME5DUWblCWobrC7K+MyNed1nVXuapNDi2VaUHRhGIerlM/rPtW3Kt4sxSLVVOBgH eqeA==

Hi,

My current LDAP setup uses SASL PTA to authenticate against Active Directory.
For users only existing in OpenLDAP, I would use SASL SCRAM, so no
passes over the wire except for these in AD ;-)

But I believe only 1 method can be used by SASL External?
Any guidelines on configuring something as this? Do I really need the
meta backend or is there a better way?

-- PieterB

Follow-Ups:
- Re: SASL AD + SASL SCRAM
  - From: Dan White <dwhite@olp.net>

Prev by Date: "do_bind: invalid dn" while trying to monitor slapd using pacemaker `slapd' resource agent
Next by Date: Re: Fwd: Root cause: Strange OpenLdap performace issue
Index(es):
- Chronological
- Thread