[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL EXTERNAL

To: openldap-software <openldap-software@OpenLDAP.org>
Subject: SASL EXTERNAL
From: Norbert Klasen <klasen@zdv.uni-tuebingen.de>
Date: Wed, 02 May 2001 17:12:56 +0200
Organization: DFN Directory Services, ZDV Uni Tübingen

Hi,
has anybody been able to successfully use LDAPS with SASL EXTERNAL? I do
get slapd to accept a client cert and report its availabitlity:

ldapsearch -x -H ldaps://server -s base -b "" \*
supportedsaslmechanisms  
dn:
objectClass: top
objectClass: OpenLDAProotDSE
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: EXTERNAL

However,
ldapsearch -Y EXTERNAL ldaps://server -s base -b ""
leads to 
ldap_sasl_interactive_bind_s: Unknown authentication method

Using ldapsearch from the Netscape SDK 4.1 gives a
ldap_sasl_bind: SASL bind in progress
(Probably because OpenLDAP responds with a BindResponse with
serverSaslCreds of length 0.)

-- 
Norbert Klasen
DFN Directory Services                           tel: +49 7071 29 70335
ZDV, Universität Tübingen                        fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen              http://www.directory.dfn.de
Germany                             norbert.klasen@zdv.uni-tuebingen.de

Follow-Ups:
- Re: SASL EXTERNAL
  - From: Norbert Klasen <klasen@zdv.uni-tuebingen.de>

Prev by Date: Re: Memory leaks detection.
Next by Date: Re: SASL EXTERNAL
Index(es):
- Chronological
- Thread