[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL-GSSAPI Binds on a refereal bug? (ITS#2872)

To: openldap-its@OpenLDAP.org
Subject: RE: SASL-GSSAPI Binds on a refereal bug? (ITS#2872)
From: drwachd@sandia.gov
Date: Mon, 15 Dec 2003 14:55:49 GMT

Why is this a "documented feature"?  Are there any advantages to do it this
way?

-dan

> -----Original Message-----
> From: hyc@highlandsun.com [mailto:hyc@highlandsun.com]
> Sent: Friday, December 12, 2003 3:40 PM
> To: openldap-its@OpenLDAP.org
> Subject: RE: SASL-GSSAPI Binds on a refereal bug? (ITS#2872)
> 
> > -----Original Message-----
> > From: owner-openldap-bugs@OpenLDAP.org
> > [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of drwachd@sandia.gov
> 
> > Full_Name: Daniel Wachdorf
> > Version: 2.1.25
> > OS: linux
> > URL: ftp://ftp.openldap.org/incoming/
> > Submission from: (NULL) (134.253.26.10)
> 
> > When running ldap search with a sasl gssapi bind and the
> > option to follow referrals like:
> >
> > ldapsearch -Y GSSAPI -C -b dc=base,dc=com -h ldap.base.com cn=object
> >
> > If the server returns a referal, the client will then attept
> > to bind to the next
> > server.  However, this bind is a simple bind. Shouldn't it
> > automatically try to
> > do a SASL bind to the second server?
> 
> The OpenLDAP command-line tools only chase referrals using anonymous
> Simple
> Binds. This is a documented feature, not a bug.
> 
>   -- Howard Chu
>   Chief Architect, Symas Corp.       Director, Highland Sun
>   http://www.symas.com               http://highlandsun.com/hyc
>   Symas: Premier OpenSource Development and Support
>

Prev by Date: RE: ldap_bind(3) man page has incorrect prototype for ldap_sasl_interactive_bind_s (ITS#2875)
Next by Date: Re: Bug in LDAP_CONTROL_PROXY_AUTHZ (ITS#2871)
Index(es):
- Chronological
- Thread