[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Basic SASL setup instructions
Have you tried using just the Address Book in Netscape? I've never had
any success with ldaps:// in Netscape... and unfortunately, LDAP doesn't
seem to be present in Mozilla yet ;(
The Address Book should support at minimum, SSL with client auth. I'm
fairly certain it should support the use of client certs as well....
Edwin
"Kurt D. Zeilenga" wrote:
> At 11:15 PM 10/17/00 +0100, Jim Hud wrote:
> >Is it currently being worked on?
>
> Yes.
>
> >I was hoping to use TLS/SSL but neither
> >Netscape or Outlook Express will work with authenticated SSL
>
> Note that client's TLS (SSL) certificate is not used establish
> LDAP authorization unless the client requests a SASL/EXTERNAL
> bind.
>
> >to slapd so SASL becomes the next best option,
>
> I didn't realize that Netscape and Microsoft clients had
> implemented any SASL authentication methods yet. I'm under
> the impression they only support simple bind, but that they
> did support this over both LDAP and LDAP over SSL.
>
> Netscape "smart" (anon search + simple bind) authentication
> over ldaps:// doesn't work for me [the 0x61 issue others have
> reported]... but simple bind works fine. See FAQ for details
> on how to provide a bind DN to Netscape.
> http://www.openldap.org/faq/index.cgi?file=138
>
> BTW, the test user "uid=test,dc=openldap,dc=org" w/
> password "secret" is now available for testing purposes
> at ldap://ldap.openldap.org/ & ldaps://ldap.openldap.org/
>
> >but I need the LDAP database to hold the id's and passwords.
> >
> >How can I help this along by adding my efforts?
>
> By enquiring on the developer's list.