A question regarding the use of the ldappasswd utility and SASL authentication. There are actually two operations going on by using ldappasswd: - bind to the ldap server via SASL - change the userPassword atribute in the selected entry Wouldn't the password used for the second part be transmitted in the clear? The first part uses SASL, but what about the rest of the session in this case?