[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Support of Kerberos V5 safe and private messages for LDAP

--On Freitag, 8. Februar 2002 03:59 -0800 Abhinav Ratna <abhi_ldap@yahoo.com> wrote:

 Basically i  plan to write a client that presents a
kerberos ticket to the LDAP server and after mutual
authentication between the LDAP server and itself,
does an encrypted message exchange with the server and
thus the LDAP server ( directly or through GSSAPI )
also need to send encrypted messages to the client.

If you're using the OpenLDAP client libraries and don't set SASL_SECPROPS
maxssf < 56, a security layer, ie. an encrypted message exchange, will automatically be setup. (Works with OpenLDAP Servers and also Microsoft Active Directory).

Norbert Klasen, Dipl.-Inform.
DAASI International GmbH                 phone: +49 7071 29 70336
Wilhelmstr. 106                          fax:   +49 7071 29 5114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de