[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Binding options - enable/disable?

Subject: Re: Binding options - enable/disable?
From: "Mark H. Wood" <mwood@IUPUI.Edu>
Date: Mon, 23 Apr 2001 08:47:24 -0500 (EST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <91B9064BFDD1D4119D3D00508BD891430D9B41@POREDMOND>

On Fri, 20 Apr 2001, Barnes, Todd wrote:
> How does one go about disabling certain types of binding?  Say for example I
> want to require a type of SASL binding and want to disallow simple binding.
> How do I go about denying a user using the right credentials with the wrong
> type binding request?

This is sort of scattered all over.  As noted in another posting, you can
'require sasl' if that is really what you require.  See also 'deny
bind_simple' and the other 'deny' options.  See also 'sasl-secprops' for
fine-tuning SASL in one way, and (again, as noted in that other posting)
you may be able to simply omit to build SASL mechanisms that you don't
want used, or to delete their plugins after SASL installation, to tune it 
in another way.

You may have to depend on the intersection of several orthogonal
constraints to get precisely what you want.

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
Make a good day.

References:
- Binding options - enable/disable?
  - From: "Barnes, Todd" <Todd.Barnes@avocent.com>

Prev by Date: Re: LDAP filters
Next by Date: Error executing ldapsearch
Index(es):
- Chronological
- Thread