[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE:



> -----Original Message-----
> From: Adams, Gavin [mailto:gadams@promisant.com]

> Does Cyrus SASL 1.5 support the GSSAPI mechanism? 1.5 is the provided

Yes.

> RPM with RedHat 7.3 distro. Would it be recommended to build OpenLDAP
> 2.1, upgrade SASL to 2.x and then give it a go?

I would say yes, but I'm a developer and I always try the latest and greatest.
It looks like other apps have been slow to support Cyrus 2.1 as well, so if
SASL is your only motivation, it may not be worth it. Of course, there's enough
other changes that I think the upgrade is worth it.
>
> And I though OpenSSL had a complex implementation.... :>
>
> --- Gavin
>
> > -----Original Message-----
> > From: Howard Chu [mailto:hyc@highlandsun.com]
> > Sent: Monday, June 17, 2002 11:40 AM
> > To: Rodier Bernard; openldap-software@OpenLDAP.org
> > Subject: RE:
> >
> > OpenLDAP 2.0 only supports Cyrus SASL 1.5.
> >
> >   -- Howard Chu
> >   Chief Architect, Symas Corp.       Director, Highland Sun
> >   http://www.symas.com               http://highlandsun.com/hyc
> >   Symas: Premier OpenSource Development and Support
> >
> > > -----Original Message-----
> > > From: owner-openldap-software@OpenLDAP.org
> > > [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Rodier
> Bernard
> > > Sent: Monday, June 17, 2002 5:13 AM
> > > To: openldap-software@OpenLDAP.org
> > > Subject:
> > >
> > >
> > > Hi all,
> > >
> > > I had intalled OpenLDAP and Kerberos on a box (Red Hat 7.3 with
> > > OpenLDAP-2.0.23 cyrus-sasl-2.1.2)
> > >
> > > acually users can authenticate themselves on the system using
> > > ldap (nss_ldap
> > > and pam_ldap). I can recieve tickets from kdc but I can't query ldap
> > with
> > > SASL GSSAPI mechanism.
> > >
> > > when I try directly on ldapserver
> > >
> > > $ldapsearch -X -D "cn=root,dc=highdeal,dc=com"
> > >
> > > i obtain the following answerd :
> > >
> > >        SASL/GSSAPI authentication started
> > >        ldap_sasl_interactive_bind_s: Local error
> > >
> > > and on a remote client, answer is:
> > >
> > >        ldap_sasl_interactive_bind_s: Unknown authentication method
> > >
> > > but i obtain the following with
> > >
> > > $ldapsearch -h Maracas -x -b "" -s base -LLL
> supportedSASLMechanisms:
> > > dn:
> > > supportedSASLMechanisms: GSSAPI
> > >
> > > thanks in advance
> > >
> > > Bernard