[Date Prev][Date Next] [Chronological] [Thread] [Top]

Priority or restriction of SASL mechanisms

To: openldap-software@OpenLDAP.org
Subject: Priority or restriction of SASL mechanisms
From: John Morris <openldap@butchwax.com>
Date: Thu, 06 Jan 2005 12:20:05 -0600

Hi, all!

Just got upgraded to 2.2 from 2.0.  I'm using the FC3 RPMs.  One
behavioral change from 2.0 (which were modified RH RPMs from a couple
years ago) is that when doing an ldapsearch, the default SASL mechanism
is now MD5, whereas before it was GSSAPI (which is what I desire).  If I
add '-Y GSSAPI' to the ldapsearch commandline, GSSAPI works gorgeous.

This seems a little strange since I haven't configured any MD5 mechanism
(is any required?), and don't run saslauthd.

I've hacked away the problem with an 'rpm -e --nodeps cyrus-sasl-md5'.
Kinda nasty (why does the RH openldap RPM even depend on that package,
anyway?).

Is there a way to restrict the list of SASL mechanisms or to put a
priority on them?  Thanks for any advice.

	John

Follow-Ups:
- Re: Priority or restriction of SASL mechanisms
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: ACL assistance needed
Next by Date: RE: Multiple syncrepl problems
Index(es):
- Chronological
- Thread