[Date Prev][Date Next]
Re: SASL & /usr/lib/sasl/slapd.conf
OpenLDAP defaults disable PLAIN and ANONYMOUS. Server
defaults can be changed via slapd.conf(5). Client defaults
can be changed via the command line or ldap.conf(5).
At 06:06 PM 2002-01-22, alan milligan wrote:
>I have been having a few problems with my SASL setup, which I have mostly
>resolved, however, I think I may have discovered a bug along the way.
>A quick look at the code in servers/slapd/sasl.c suggests that the
>sasl_server_init( callbacks, "slapd") call is made, and the
>/usr/lib/sasl/slapd.conf should be read. There is however, some less than
>obvious code somehow using the callbacks to resolve pathname.
>I did not feel that it was using this file (although the SASL doco
>strongly suggests it must).
>To test, I set sasl_secprops to none, and thus had PLAIN, and ANONYMOUS
>appear as supportedSASLMechanisms. But the -Y option on ldapsearch refused
>to allow either of these, so I could not verify pwcheck_method pam in my
>[root@mistress openldap]# ldapsearch -D "uid=ispman,o=ispman" -b "o=ispman"
>ldap_sasl_interactive_bind_s: Unknown authentication method
>I am using linux-2.4.12, cyrus-sasl-1.5.27, and openldap-2.0.19
>Send and receive Hotmail on your mobile device: http://mobile.msn.com