[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Basic SASL setup instructions

To: "Jim Hud" <jdhz@btinternet.com>, <openldap-software@OpenLDAP.org>
Subject: RE: Basic SASL setup instructions
From: "Howard Chu" <hyc@highlandsun.com>
Date: Wed, 18 Oct 2000 06:39:04 -0700
Importance: Normal
In-reply-to: <058c01c03907$81f84660$4e42a8c0@dhntnbook>

Yes, Outlook 98 has no problem connecting with SSL and bind DN and bind PW.

I've been running a bunch of tests and logs against Outlook and Netscape.
Netscape
even fails against the s_server command in the openssl tools. I keep getting
"alert
read:fatal:bad certificate" right after the server finishes writing its
certificate.
The error occurs regardless of whether the server expects a client cert or
not. It
just doesn't like Netscape's response. Ordinarily the client should just
send a
key exchange negotiation message if it's not going to send a client cert.
Netscape
sends something else, I haven't decoded it yet.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc

> -----Original Message-----
> From: Jim Hud [mailto:jdhz@btinternet.com]
> Sent: Wednesday, October 18, 2000 6:27 AM
> To: Howard Chu; Villy Kruse; openldap-software@OpenLDAP.org
> Subject: Re: Basic SASL setup instructions
>
>
> Someone suggested that Secure Password Authentication is NTLM which is
> consistent because the method OE tries to use (137)  is the same as an
> earlier post complained of re ADSI.
>
> Have you actually used Outlook 98 with SSL and Login?  All other
> combinations are OK in OE.
>
> ----- Original Message -----
> From: "Howard Chu" <hyc@highlandsun.com>
> To: "Villy Kruse" <vek@pharmapartners.nl>;
> <openldap-software@OpenLDAP.org>
> Sent: Wednesday, October 18, 2000 1:58 PM
> Subject: RE: Basic SASL setup instructions
>
>
> > For what it's worth, I've had no trouble connecting with Outlook 98. It
> > connects successfully to slapd with or without SSL/TLS, and has
> no trouble
> > searching for names and such. It doesn't seem to know about SASL, and I
> too
> > am curious about what Microsoft means by Secure Password Authentication.
> >
> > Note that Outlook behaves a little differently, you can enter a bind DN
> and
> > password in the configuration, so it just binds once, performs a search,
> and
> > then unbinds. Netscape binds anonymously to search for your
> bind DN (based
> > on email address, by default), then tries to rebind as you to
> perform the
> > desired search.
> >
> >   -- Howard Chu
> >   Chief Architect, Symas Corp.       Director, Highland Sun
> >   http://www.symas.com               http://highlandsun.com/hyc
> >
> > > -----Original Message-----
> > > From: owner-openldap-software@OpenLDAP.org
> > > [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Villy Kruse
> >
> > > On Wed, 18 Oct 2000, Jim Hud wrote:
> > > > I am sure you know better than me, I was jumping to
> > > conclusions.  I thought
> > > > SASL allowed different mechanisms and assumed that one of them
> > > was supported
> > > > by Netscape and Microsoft clients, what does MS Outlook Express
> > > mean by "Log
> > > > on using secure password authentication"?  It is separate from SSL
> where
> > > > Outlook Express crashes anyway.
> >
> > > Which OE version?
> >
> > > Villy
> >
> >
> >
>

References:
- Re: Basic SASL setup instructions
  - From: "Jim Hud" <jdhz@btinternet.com>

Prev by Date: Re: Basic SASL setup instructions
Next by Date: Re: Basic SASL setup instructions
Index(es):
- Chronological
- Thread